Managing Engineer, Cyber Defense

About The Position

Requirements

• Master’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent depth of cybersecurity engineering experience.
• 8+ years in security operations, incident response, or cybersecurity roles with multi‑platform ownership and proven enterprise impact.
• Curiosity and willingness to learn new technologies, including use of AI and AI-enabled security capabilities.
• Domain expertise (identity, endpoint, email, cloud, network, data protection, etc).
• Expert understanding of identity threats (MFA fatigue, token theft, OAuth abuse), email threats, EDR evasion, and cloud/system misconfigurations.
• Demonstrated leadership of large‑scale incident response actions, detection / resiliency initiatives with measurable risk reduction.
• Ability to solve complex cybersecurity operational problems without guidance.
• Master-level executive communication, risk storytelling, stakeholder influence, and cross‑functional leadership.
• Ability to quickly organize and manage multiple competing tasks simultaneously.
• Ability to translate adversary TTPs into engineering changes for security tools.

Nice To Haves

• ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Security Manager (CISM) or similar.

Responsibilities

• Program Oversight & Operations
• Hiring, mentoring, and coaching a diverse team of security analysts and engineers in multiple locations.
• Support an enterprise threat intelligence program to assess the threat landscape.
• Direct development, implementation, and enforcement of technical security controls.
• Support enterprise security projects and process improvements.
• Drive use of AI tools / systems to increase detection speed and reduce alert fatigue.
• Incident Response & Operations Management
• Supervise day-to-day cyber defense operations.
• Lead response actions for elevated cybersecurity events and incidents.
• Lead hypothesis-driven hunts across enterprise networks and cloud environments to identify hidden threats.
• Coordinate detection and response automation efforts.
• Create and mature incident response runbooks and conduct tabletop exercises to ensure team readiness.
• Security Monitoring & Analysis
• Monitor and analyze SIEM alerts.
• Assess vulnerabilities and coordinate remediation.
• Ensure compliance with security standards and policies.
• Stakeholder Collaboration & Risk Management
• Collaborate with Exposure Management and other stakeholders to understand attack surface.
• Ensure security is embedded in application and engineering workflows.
• Support audits and third-party assessments.
• Technology & Vendor Management
• Evaluate and manage third-party Managed Security Service Providers (MSSPs) to maintain high service quality and SLA compliance.
• Evaluate new security technologies.
• Manage vendor relationships and licensing.
• Leadership & Business Support
• Provide people leadership and performance management.
• Support budgeting, procurement, and forecasting.