Head of Cyber Defense

Mitiga

About The Position

This is a senior player-coach role, combining deep technical expertise in cloud, SaaS, and AI security with a strong customer-facing presence. The Head of Cyber Defense will lead Mitiga's managed CDR service, drive intelligence-led threat hunting, and conduct forensic investigations across cloud, SaaS, AI, and identity environments. Sitting within Engineering, this role involves close collaboration with R&D and Product to drive automation and AI adoption, building detection and response capabilities that scale beyond manual operations. US-based leadership is intentional, as Mitiga's enterprise customers require direct engagement, rapid escalation, and executive-level communication in their time zones.

Requirements

8+ years of hands-on experience in cloud incident response, threat hunting, or security operations
Deep cloud and SaaS expertise: AWS, Azure, GCP, Salesforce, GitHub, Okta, Microsoft 365, Google Workspace
Strong command of attacker TTPs (MITRE ATT&CK for Cloud/SaaS), forensic analysis, and log-based investigation methodology
Experience designing detection logic, hunting playbooks, or automation workflows — not only executing them
Proven track record of direct, high-quality customer engagement with both technical practitioners and C-suite stakeholders
Experience managing and mentoring a team; ability to build operational process and culture from an early foundation

Nice To Haves

Conference presentations, published research, or media coverage in cloud/AI/SaaS security
Hands-on experience with Python, KQL, SPL, or Databricks for investigative data analysis
Experience implementing AI-assisted tooling or agentic workflows in a security operations context
Background working within or alongside a high-growth security vendor

Responsibilities

Monitor, triage, and respond to detections across cloud, SaaS, AI and identity; own customer-facing communication during active events within defined SLAs; maintain 24/7 team readiness
Design and lead intelligence-driven proactive hunting campaigns (MITRE ATT&CK, CISA, vendor intel); translate findings into platform-native automated detections; contribute published research and threat reports
Personally lead S1/S2 forensic investigations end-to-end: scoping, evidence collection, analysis using Mitiga's Helios AI platform, attribution, and executive-quality reporting
Serve as the primary technical authority for enterprise customers; support sales cycles, QBRs, and EBRs; surface field-observed detection gaps to Engineering with context and accountability
Identify toil across CDR, hunting, and IR workflows; partner with Engineering to systematically automate; champion agentic SOC tooling and LLM-assisted triage
Hire, develop, and retain a global team of 5 analysts, responders, and hunters; represent Mitiga at industry events; author blog posts and threat intelligence content grounded in real operational depth