Senior Manager, Security & Compliance

Cribl

2d•Remote

About The Position

Cribl does differently. What does that mean? It means we are a serious company that doesn’t take itself too seriously; and we’re looking for people who love to get stuff done, and laugh a bit along the way. We’re growing rapidly - looking for collaborative, curious, and motivated team members who are passionate about putting customers first. As a remote-first company we believe in empowering our employees to do their best work, wherever they are. As the data engine for IT and Security many of the biggest names in the most demanding industries trust Cribl to solve their most pressing data needs. Ready to do the best work of your career? Join the herd and unlock your opportunity. The Senior Director of Security will lead and manage the strategy, development, and optimization of the company's global security detection and response capabilities. This role is responsible for architecting high-fidelity, scalable detection logic across the cloud-based and corporate infrastructure to proactively identify and disrupt sophisticated threats. The ideal candidate has experience building and maturing a detection-as-code program in a high-growth, fast-paced environment and a deep understanding of adversary tactics, techniques, and procedures (TTPs). As a leader foster trust and partnerships between Compliance, Product Security, Engineering, Product, IT, and other divisions.

Requirements

10+ years of experience in cybersecurity, with a dedicated focus on building and scaling advanced security detection and threat hunting programs.
Proven experience in a leadership role, building and managing Detections Engineering or Threat Hunting teams.
Deep expertise in detection engineering principles, adversary tactics (e.g., MITRE ATT&CK), and advanced log source analysis.
Expert-level knowledge of SIEM architecture (e.g., Splunk, Elastic, Sentinel), EDR technologies, and cloud-native detection tools (AWS GuardDuty, GCP Security Command Center, Azure Security Center).
Proficiency in scripting or coding (e.g., Python, KQL, SPL) for detection rule development and automation.
Strong understanding of cloud security architecture (AWS, GCP, Azure) and developing detections for cloud-native threats.
Excellent communication and presentation skills, with the ability to convey complex detection strategies to technical and executive audiences.

Nice To Haves

Relevant industry certifications (e.g., GIAC GDSA, GCFA, CISSP) are a plus.

Responsibilities

Detection Strategy & Architecture: Define the vision, strategy, and roadmap for the security detection program, ensuring alignment with the company’s risk posture and business objectives
Detection Engineering Lifecycle: Oversee the development, testing, deployment, and continuous maintenance of all detection logic (rules, models, baselines) across SIEM, EDR, and other security platforms
Team Leadership: Lead, mentor, and grow a high-performing team of security operators, engineers, and threat hunters
Threat Intelligence Operationalization: Translate emerging threat data and intelligence into actionable, automated, and preventative detection controls.
Security Platform Optimization: Drive the architecture and continuous tuning of the security monitoring and detection platforms (e.g., SIEM, data pipelines) for coverage, performance, and cost-effectiveness
Threat Hunting: Establish and formalize a proactive threat hunting capability to identify threats that evade existing security controls
Compliance: Ensure detection and monitoring operations are compliant with global standards and regulations, such as SOC 2, ISO 27001, GDPR, and FedRAMP
Technology Integration: Partner with internal engineering teams to integrate detection controls directly into cloud infrastructure and corporate environments.
Communication: Serve as a key point of contact to provide executive leadership with a clear view of the company's detection coverage and maturity.