Senior Manager of Cybersecurity Detection Engineering

Company: Cox
Location: Long Island, New York, USA; Atlanta, GA, USA
Salary: $173,900 – $289,800
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s degree in Computer Science or equivalent and 8+ years of industry-related professional experience.
  • Multi-cloud security experience (AWS, Azure, GCP).
  • Expert-level knowledge of Detection Engineering and Security Operations.
  • 3+ years of management or leadership experience with direct people management responsibilities
  • Strong experience with Information Security, Network Security, Security Monitoring, and Incident Response.
  • Strong experience with developing SIEM/SOAR detection and automation use cases.
  • Working experience with industry standard security technologies and services such as Threat Intelligence, Firewalls, SASE, IPS, Endpoint Security, DLP, SIEM/SOAR, and Data Lakes.
  • Expert-level knowledge of the Cyber Kill Chain and the Diamond Model.
  • 5+ years’ experience in an Incident Response or Security Operations role
  • 3+ years’ leadership experience in a SOC or equivalent role
  • Must live within a commutable distance to North Hills NY or Atlanta GA and be willing to come onsite 3x a week.

Responsibilities

  • Lead a team of Detection Engineers in designing, implementing, and maintaining advanced detection capabilities.
  • Develop the strategy for the Detection Engineering program and establish metrics to demonstrate continuous improvement.
  • Define the detection engineering strategy, roadmap, and objectives.
  • Design and implement advanced threat detection techniques using tools such as SIEM, EDR, NDR, and SOAR platforms.
  • Develop custom detection rules, alerts, and automated remediation playbooks tailored to the organization’s threat landscape for enterprise and customer security.
  • Leverage industry-standard MITRE frameworks (e.g., ATT&CK) to measure detection coverage and close gaps.
  • Monitor, optimize, and continuously improve detection systems for performance, scalability, and effectiveness.
  • Collaborate with Threat Detection and Response team to continuously improve cybersecurity capabilities in identification, management, and response to threats.
  • Perform attack simulation testing to validate the efficacy of detection use cases, and run purple-team exercises in collaboration with the Vulnerability Management team.
  • Manage and maintain the SIEM/data lake and log-ingestion infrastructure in collaboration with Cyber Defense Engineering.
  • Evaluate, validate, tune, and, where necessary, sunset detection capabilities.
  • Maintain operational guidelines, diagrams, and documentation for security detection and response.
  • Collaborate with the incident response team to ensure rapid detection and containment of cyber threats.
  • Provide technical expertise and guidance to develop detection use cases during high-severity security incidents.
  • Continuously improve detection and response processes based on lessons learned from incidents.
  • Leverage threat intelligence to enhance detection capabilities and proactively mitigate risks.
  • Identify and analyze new and emerging threat vectors and incorporate them into detection strategies.
  • Partner with other Cybersecurity, Engineering, and Product teams to align detection strategies with organizational objectives.
  • Communicate detection capabilities and findings to technical and non-technical stakeholders, including executive leadership.
  • Ensure all detection processes and tools adhere to regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST).
  • Establish and maintain documentation of detection strategies, processes, and configurations.

Preferred Qualifications

  • GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s)
  • Development, DevOps, engineering, network, or system administration experience