Engineering Manager, Security Detection & Response

Apollo.io
$225,400 - $281,800Remote

About The Position

Apollo is looking for a technical Engineering Manager to lead our Security Detection & Response function. This role is responsible for managing engineers while building and scaling the technical systems behind modern security operations, including detection engineering, Panther content, telemetry onboarding, Python-based automation, and CI/CD workflows for security tooling. This is a hands-on leadership role for someone who can coach a team, make sound engineering decisions, and stay close to the technical details. This role operates in a fully remote environment and requires excellent asynchronous communication and collaboration skills.

Requirements

  • 5+ years of experience in Security Detection & Response, Security Engineering, or Incident Response.
  • 2+ years of people management experience, including hiring, coaching, and performance management, ideally in a remote-first environment.
  • Strong hands-on experience with modern SIEM platforms, security observability, detection engineering, log analysis, and complex security investigations; experience with Panther is highly valued.
  • Strong proficiency in Python for automation, analysis, and internal tooling, with the ability to remain technically credible with engineers.
  • Experience with automation, Git-based workflows, CI/CD practices, threat intelligence-informed detections, AI-assisted workflows, and building agents or AI-native workflows for security content, tooling, or response processes.
  • Experience with cloud-native platforms, security telemetry, and SaaS environments; GCP experience preferred. Familiarity with toolsets similar to Apollo's, including Google Workspace, Okta, GitHub, Slack, Atlassian, Cloudflare, CrowdStrike, Kandji, Panther, and Snowflake-backed log pipelines, is strongly valued.
  • Excellent written and verbal communication, leadership, and stakeholder management skills.

Nice To Haves

  • Experience leading Detection Engineering, Security Engineering, or Security Detection & Response teams in a high-growth cloud or SaaS environment.
  • Experience applying AI-assisted security tooling to detection, triage, investigation, or response in a production environment.
  • Familiarity with MITRE ATT&CK, threat intelligence workflows, and vulnerability management programs, SLAs, and remediation processes.
  • Relevant certifications such as CISSP, GCIA, GCIH, GCED, or cloud security certifications.

Responsibilities

  • Own and continuously improve end-to-end detection, investigation, response, post-incident review, and threat intelligence-informed improvement processes, including AI-assisted triage and investigation workflows.
  • Lead complex and high-severity incidents with clear decision-making, effective stakeholder communication, and accountable follow-through on remediation.
  • Stay technically engaged in investigations across cloud infrastructure, SaaS platforms, corporate systems, user behavior, and abuse scenarios, and translate incident learnings, platform changes, and threat trends into Security Detection & Response priorities.
  • Define and evolve security observability and detection strategy, including telemetry onboarding, signal quality, threat intelligence inputs, alert tuning, and coverage validation.
  • Oversee Panther detections, MITRE ATT&CK-aligned use cases, investigation playbooks, and response automations, with measurement and validation loops for coverage, precision, latency, tuning effectiveness, safe rollout, and attack-simulation-based validation.
  • Transform security operations processes through practical use of AI, including designing agents and AI-native workflows for triage, enrichment, investigation, and response.
  • Drive Python-based tooling, CI/CD practices, and pragmatic use of AI to improve the speed, quality, and reliability of Security Detection & Response workflows.
  • Build, lead, and retain a high-performing remote Security Detection & Response team with clear expectations, strong onboarding, documentation, and knowledge-sharing practices.
  • Coach engineers to grow in technical depth, operational ownership, and leadership capability while partnering closely with Engineering, IT, Fraud, Legal, People, Support, and Product on incidents, investigations, and security improvements.
  • Work closely with Engineering and Infrastructure on telemetry quality, data pipelines, and operational readiness, and communicate security risk, incident impact, and remediation plans clearly to technical and non-technical stakeholders.
  • Define and review strategy-aligned metrics and reporting that measure Security Detection & Response effectiveness, highlight trends and gaps, and inform priorities and stakeholder decisions.

Benefits

  • equity
  • company bonus or sales commissions/bonuses
  • 401(k) plan
  • at least 10 paid holidays per year
  • flex PTO
  • parental leave
  • employee assistance program and wellbeing benefits
  • global travel coverage
  • life/AD&D/STD/LTD insurance
  • FSA/HSA and medical, dental, and vision benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service