Manager, Cyber Threat Operations

GAF

About The Position

At GAF, we cover more than buildings. We cover each other. No matter what role, tenure, or track, under this roof you are empowered to be there for your teammates, your customers, and especially your community. Under this roof, we don’t back down from hard work– we support one another in pursuit of something bigger. We define the future while leading the present. And under this roof, we own our opportunities. Becoming the market leader only happens when everyone feels they have the opportunity, and the support, to thrive. We are GAF. And under this roof, we protect what matters most. We are seeking a highly motivated and technically proficient Manager of Cyber Threat Operations to lead a team of cybersecurity experts. This is a role for a hands-on leader who is passionate about diving into the technical details while also mentoring and guiding a team responsible for protecting our organization. You will be at the forefront of our defense, leading critical services including threat intelligence, threat hunting, incident response, and purple teaming. You are the ideal candidate if you thrive in high-stakes environments, enjoy both strategic leadership and hands-on-keyboard analysis, and are driven to build and develop a world-class cybersecurity team.

Requirements

Applicants currently residing in the following states will be considered: AK, AZ, CA, CO, CT, ID, IL, IN, KS, KY, MA, ME, MI, MN, MT, ND, NE, NJ, NM, NY, OR, RI, TX, UT, VT, WI, WV, HI, SD, WY
Bachelor’s Degree Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience
8+ years of experience in cybersecurity with at least 5 years in a hands-on technical role focused on one or more of the following: Incident Response (IR), Threat Hunting, or Cyber Threat Intelligence (CTI).
2+ years of experience in a leadership capacity.
Deep, hands-on experience with core security technologies such as SIEM, EDR, and Network Security Monitoring tools.
Proven experience leading the response to significant cybersecurity incidents (e.g., ransomware, APT intrusions).
Strong understanding of the modern threat landscape, attacker TTPs (Tactics, Techniques, and Procedures), and cybersecurity frameworks like MITRE ATT&CK and the Cyber Kill Chain.
Excellent communication skills, with the ability to translate complex technical concepts for non-technical stakeholders.

Nice To Haves

Master’s degree preferred
Advanced industry certifications such as GCIH, GCFA, GCFE, GREM, GNFA, OSCP, or similar.
Proficiency in scripting or programming for automation and analysis (e.g., Python, PowerShell, KQL).
Experience conducting digital forensics and memory analysis on Windows, Linux, and macOS systems.
Experience designing and executing formal purple team exercises.
Experience working in a large, global, and geographically distributed organization.

Responsibilities

Lead and Mentor: Manage a global team of security analysts and engineers, fostering a culture of technical excellence, continuous learning, and collaboration. Provide regular coaching, performance feedback, and career development guidance.
Strategic Direction: Develop and execute the roadmap for cyber threat intelligence, hunting, incident response, and purple teaming services to align with business objectives and the evolving threat landscape.
Stakeholder Communication: Effectively communicate complex technical findings, incident statuses, and strategic recommendations to both technical and executive audiences.
Process Improvement: Drive the continuous improvement of security operations playbooks, procedures, and team capabilities
Cyber Incident Response: Act as a senior incident responder during major security events, providing technical guidance and hands-on support for containment, eradication, and recovery. Perform analysis on compromised systems. Create and test incident response plans.
Cyber Threat Hunting: Lead and participate in proactive, hypothesis-driven threat hunts across our enterprise networks and cloud environments using EDR, SIEM, and other security data sources. Develop novel hunting techniques and analytics.
Cyber Threat Intelligence (CTI): Oversee the CTI lifecycle, from collection and analysis to dissemination. Personally analyze and contextualize intelligence from various sources to inform defensive actions and hunting missions.
Purple Teaming: Plan, coordinate, and participate in purple team exercises, working collaboratively to test, measure, and improve our security controls and detection capabilities.

Benefits

We offer a wide range of health insurance options that include medical, dental, and vision for you and your family.
Our Family-Building benefits support the many different journeys to fertility and parenthood.
Our robust 401K plan includes an employer match contribution with your pre-tax and/or Roth contributions.
Other exciting programs and perks are available to help employees achieve work-life balance, including (but not limited to) a wellness program, free financial coaching, a referral program, and product rebates when purchased for an employee’s primary residence.
Professional growth and development are very important to us! We offer internal training programs and courses, as well as a generous tuition reimbursement program.
We're committed to fostering a culture that reflects our values to connect, empower, evolve, and inspire. We offer many opportunities for employees to connect with one another, including through our Employee Resource Groups who focus on education and allyship for all of our employees.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume