Manager, Detection & Response Engineering
About The Position
Imagine yourself as a Security Operations Center (SOC) analyst, and a new alert pops to the top of the queue. You open the alert and all of the data you need to make a decision is present. After a quick investigation, you’ve notified the customer of a potential security incident. Now, imagine you lead the team that created the detection logic, built the response actions that enriched the alert, and defined the scalable process that delivered this high-quality outcome. You are the hands-on leader focused on innovating Expel’s detection & response capabilities. Your team creates and evolves our detection strategies, measurably improving our coverage of attacks across their lifecycle. The team also pioneers new, impactful features and technologies for the SOC through innovation, advanced engineering, and iterative, dependable delivery of value. This includes exploring and integrating concepts like automation, traditional ML, and GenAI. What Expel can do for you We will place you in a critical leadership role that is central to the continuous evolution of our platform and the success of Expel’s business. We will enable you to deliver detection outcomes for our customers immediately within our existing platform, and with that experience, to define how we evolve the platform. We will facilitate your team’s research through access to one of the most exciting security data sets in the industry, originating from 100+ integrations. What you can do for Expel Lead a high-performing team of Detection & Response engineers. Pioneer new, impactful features & technologies aimed at dramatically improving SOC efficacy and efficiency. Work closely with Product Management and Data Science teams to focus on delivering transformative capabilities to the SOC analysts. Ensure the team is continuously improving Expel’s detection and quality controls by creating, validating, and evolving our detection strategies, improving our measurement capabilities, and up-leveling our monitoring abilities. Instill a culture of experimentation, quality, and continuous improvement within the D&R team.
Requirements
- 5+ years of related professional experience.
- Highly effective team management and project management skills.
- MDR experience strongly preferred.
- Senior or higher technical detection engineering expertise within at least one of identity, cloud, or endpoint security paradigms.
- Substantial understanding of detection engineering and associated technologies and frameworks.
- Strong knowledge of creating and validating detection strategies for a variety of technology types (e.g. identity, cloud, endpoint).
- In-depth knowledge of attack vectors, threat tactics, and attacker techniques.
- Familiarity with automation, traditional ML, and GenAI concepts and platforms (e.g., LLMs, agents).
- Familiarity with large-scale data processing/ETL pipelines and cloud infrastructure (AWS/Azure/GCP).
Responsibilities
- Lead a high-performing team of Detection & Response engineers.
- Pioneer new, impactful features & technologies aimed at dramatically improving SOC efficacy and efficiency.
- Work closely with Product Management and Data Science teams to focus on delivering transformative capabilities to the SOC analysts.
- Ensure the team is continuously improving Expel’s detection and quality controls by creating, validating, and evolving our detection strategies, improving our measurement capabilities, and up-leveling our monitoring abilities.
- Instill a culture of experimentation, quality, and continuous improvement within the D&R team.
Benefits
- unlimited PTO
- work location flexibility
- up to 24 weeks of parental leave
- really excellent health benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
