
Lead, Security Detection – Response Team
Posted 19 hours ago
• Enhance the maturity of our Detection & Response program while managing the daily operations of the CyberSecurity Detection & Response function.
• Utilize internal and partner resources to proactively identify, address, and stay ahead of emerging threats.
• Collaborate with Security, Engineering, Technology, and Business teams to safeguard systems and protect customer data.
• Identify and prioritize gaps in controls, processes, and training; collaborate with various teams to mitigate these gaps.
• Monitor cybersecurity threats and incorporate intelligence into our Detection & Response program.
• Elevate the maturity level of cybersecurity operational functions encompassing response, intelligence, detection engineering, and offensive security domains.
• Conduct training programs for embedded responders within business and technical teams.
• Implement automation to streamline and eliminate manual processes within the Detection & Response function.
• Provide mentorship to incident response team members to continually enhance their capabilities.
• Previous experience managing cybersecurity incidents, ideally across multiple organizations and in collaboration with Managed Security Service Providers (MSSPs).
• Proficiency and comfort in conducting investigations independently within a modern SIEM such as Splunk, Sumo Logic, or Datadog.
• A hands-on approach to technology, with a strong ability to adapt and tailor technology to specific needs.
• Familiarity with a programming language such as Python, JavaScript, Rust, or Go will be advantageous.
• Demonstrated history of effective collaboration with internal and external partner organizations to achieve high-quality results.
• Experience with Software as a Service (SaaS) platforms and understanding how to protect them against cyber threats.
• Close familiarity with utilizing public cloud services to provision SaaS/PaaS solutions.
• Strong knowledge of modern corporate networks (SD-WAN, service-based remote access, device trust, endpoint machine identity).
• Experience in investigating and countering contemporary adversary tactics, techniques, and procedures in an incident response context.
• Over 5 years of professional experience in security engineering, incident response, threat intelligence, or cloud infrastructure security.
• Medical insurance
• Dental insurance
• Vision insurance
• 401(k) retirement plan
• Life insurance
• Long-term disability insurance
• Short-term disability insurance
• Flexible paid time off
• 12 weeks of paid parental leave
• National holidays paid
Instacart