Hayden Covington is a Security Operations leader, Detection Engineer, and Instructor who serves as the Associate Director of Security Operations at Black Hills Information Security. With nearly a decade of hands-on experience in Security Operations, Detection Engineering, and Incident Response, he specializes in building and running high-performing blue teams.

Hayden began his security career as a SOC Analyst at Newport News Shipbuilding (Huntington Ingalls Industries), where he worked on the incident response team and later focused on insider threat analysis and SOAR engineering. That experience gave him a deep understanding of how to turn raw telemetry into actionable detections and automate repeatable response at scale.

At BHIS, Hayden leads detection engineering efforts, develops and operationalizes threat intelligence processes, and oversees day-to-day SOC operations across a diverse customer base. His work centers on designing high-fidelity detections, reducing analyst noise, and building workflows that let defenders move quickly and confidently during investigations.

Hayden teaches Foundations of Security Operations, where he walks students through SIEM engineering, ticketing workflows, detection engineering, and alert investigation from the ground up. His teaching is grounded in real-world SOC experience, giving students immediately actionable skills they can bring back to their environments.

Outside of customer work and the classroom, Hayden is a regular contributor to the BHIS blog and a frequent guest on information security talk shows and webcasts, where he covers blue-team topics with a particular focus on detection engineering.