Senior Engineering Manager, Precision Defense

Horizon3 AI
20h | $210,000 - $260,000 | Remote

About The Position

Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find, fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZero™ platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. NodeZero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises. It is used by IT Ops/SecOps teams, consulting pentesters, and MSSPs and MSPs.

We are a fusion of former U.S. Special Operations cyber operators, startup engineers & operators, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools and false positives, resulting in alert fatigue, blind spots, “checkbox” security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn-it-alls, committed to a culture of respect, collaboration, ownership, and results. As a remote-first company, we require a minimum 25 Mbps consumer-grade broadband connection.

We’re looking for a Senior Engineering Manager to lead our Precision Defense engineering teams — the set of teams that turn NodeZero’s offensive insights into autonomous, high-signal defenses across tripwires, rapid response, and security control validation. This is a manager-of-managers role with significant product ownership. You’ll own and scale the engineering teams behind NodeZero’s Precision Defense capabilities, including:

  • Tripwires – building and evolving honeypots, honeytokens, and other deception capabilities that detect real attacker behavior in production environments and provide a high-fidelity last line of defense.
  • Rapid Response – codifying emerging zero-day and n-day threats into tests, targeted checks, and content that proactively alerts customers when they’re exposed and guides fast mitigation.
  • Endpoint, Identity, and Data Security – validating and improving endpoint detection and response (EDR), identity security, and data protection controls using attacker-validated evidence from NodeZero.
  • Detection & Telemetry Integrations – integrating with SIEM/EDR/ITSM and other detection/control surfaces so NodeZero outputs can tune rules, close gaps, and continuously validate that defenses are working.

You’ll build and lead an organization that closes the loop between offense and defense: using NodeZero’s attack paths and exploit evidence to drive precise detections, tripwires, and control validation so customers can detect attackers earlier, harden critical assets, and prove that their defenses actually work in production.

Requirements

  • Proven experience leading multiple backend/platform or detection/defense teams, or an engineering org, in a SaaS, cybersecurity, or cloud-scale environment.
  • Track record of taking products from concept to market — including POCs, MVPs, launches, and iterative improvements — in partnership with Product and GTM.
  • Comfort operating in an environment with limited dedicated PM capacity, including helping define direction, shaping roadmaps, and setting technical priorities.
  • Demonstrated ability to manage concurrent initiatives and balance short-term delivery with longer-term platform and product investments.
  • Highly technical background with expertise in software development and B2B SaaS multi-product platforms.
  • Deep understanding of scalable backend architecture, data modeling, databases, and distributed systems.
  • Experience with data pipelines and ETL systems, including performance, reliability, and observability considerations.
  • Strong grasp of cloud infrastructure concepts (AWS, GCP, or Azure), DevOps, and resilience engineering.
  • Familiarity with modern detection and response concepts, including EDR, SIEM, threat detection rules, and detection engineering best practices.
  • Experience or strong interest in offense-informed defense approaches that combine exploitability, attacker behavior, and high-fidelity detections (e.g., tripwires, deception, targeted alerts).
  • Comfort collaborating with offensive security, detection/defense, or security operations teams and translating attack paths into practical defensive controls.
  • Excellent written and verbal communication skills; able to explain complex technical and risk concepts to both engineers and non-technical stakeholders.
  • Experience working cross-functionally with designers, developers, product managers, customer teams, and GTM.
  • Strong documentation habits and a bias toward clarity, transparency, and alignment.
  • Creative, self-motivated, highly energetic, detail- and results-oriented.
  • “Learn-it-all” attitude, with curiosity about both offensive and defensive security domains.
  • Strong ability to identify procedural and architectural gaps, implement best practices, and empower teams to ship high-quality features at high velocity.
  • Bachelor’s and/or Master’s degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience.
  • Extensive experience in technical leadership and architectural decision-making for complex systems.
  • Strong background in backend and/or platform engineering, with deep experience designing, scaling, and maintaining distributed systems.
  • Expertise in at least one modern programming language (Python strongly preferred; Go, Java, C++, or similar also relevant).
  • Familiarity with ETL pipelines, data flow orchestration, and database performance optimization (e.g., PostgreSQL, Neo4j, or equivalent).
  • Experience working with analytics- or graph-heavy workloads, especially where relationships between assets, identities, alerts, and vulnerabilities matter.
  • Solid understanding of cloud infrastructure and services (AWS, Azure, or GCP), including networking, compute, and storage fundamentals.
  • Exposure to infrastructure-as-code and deployment concepts (e.g., Terraform, Docker, Kubernetes, CI/CD tooling).
  • Experience with observability and monitoring stacks (e.g., Prometheus, Grafana, Datadog, OpenTelemetry).
  • Understanding of security and reliability best practices in a multi-tenant SaaS or cybersecurity environment.
  • Knowledge of Linux-based systems (e.g., Ubuntu, Kali) and modern development practices for distributed services.

Nice To Haves

  • Exposure to cybersecurity industry standards, trends, and common attacker and defender techniques is a plus.

Benefits

  • health, vision & dental care for you and your family
  • a flexible vacation policy
  • generous parental leave