Full-Time Threat Detection Manager

Lead a global team of experienced threat detection engineers in the development, deployment, and continuous improvement of our Cyber Threat Detection Pipeline.

Responsibilities:

• Lead a global team of TDE's in the design, implementation, and maintenance of our Threat Detection Pipeline.
• Promote the use of best practices in security engineering, including secure coding, security testing, and operational incident response. Guide the use of Detection as Code principles, using CI/CD pipelines to automate the deployment and management of detection rules and platform configurations, ensuring fast, and reliable updates across our environment. (Priority)
• Implement and maintain the platform's configuration through Infrastructure as Code (IaC) using tools such as Ansible and Terraform, ensuring that our security infrastructure is scalable, reproducible, and manageable through code.
• Manage the full lifecycle of security tools and platforms, including evaluation, selection, implementation, and optimization.
• Ensure the reliability and performance of the Threat Detection Pipeline through proactive monitoring.
• Foster a culture of innovation, encouraging the team to explore new technologies and approaches that enhance our security capabilities.
• Manage the security engineering data storage and compute budget, ensuring allocation of resources through management of the data lifecycle. (Capacity Planning)
• Present reports on the team's progress, operational incidents, and other relevant metrics to senior management.

Qualifications:

• 10+ years of experience in the Threat Detection field preferably supporting a Cyber Threat Detection function. (flexible)
• 3+ years in a leadership or managerial role overseeing a team. (5+ DR)
• Scripting and Automation Proficiency: Demonstrated expertise in scripting and automation with a proficiency in either Python or Golang, ensuring the development of efficient, scalable security solutions.
• CI/CD and Infrastructure as Code: understanding and hands-on experience with CI/CD concepts, specifically relating to Infrastructure as Code, using platforms such as Github or Bitbucket to automate security operations.
• System Administration Skills: Experienced in system administration across multiple operating systems, including Linux, and Windows, with an emphasis on securing and maintaining IT environments.
• Network Forensics and Event Management: Proficiency in network forensics, including logging and event management, with a focus on identifying, analyzing, and mitigating network-based threats. (Nice to have)
• Defensive Network Infrastructure Knowledge.
• Security Monitoring Technologies: WAF, Web Proxies, UEBA, and DLP, to detect, prevent, and respond to security incidents.
• MITRE ATT&CK™ Framework Understanding: understanding of the MITRE ATT&CK™ framework, cyber threat landscapes, attack vectors, and threat actors, allowing informed decision-making and strategy development. (NTH)
• Cybersecurity Framework Familiarity: Familiarity with common cybersecurity frameworks, such as NIST, or other leading practices and industry standards.(NTH)
• Relevant Security Certifications: CISSP, GCIH, GCIA, or similar, demonstrating a commitment to professional development and expertise in the field.

What is the last date for applying to the job?

Which countries are accepted for this remote job?