Senior Manager, Threat Detection and Response

About The Position

Requirements

• 10+ years of experience in cybersecurity, with significant experience in threat detection, security operations, incident response, or threat hunting.
• 5+ years of people leadership experience managing technical security teams in a fast-paced environment.
• Strong experience with security platforms such as SIEM, EDR/XDR, SOAR, email security, identity monitoring, and cloud security tooling.
• Deep understanding of attacker tactics, techniques, and procedures, as well as detection engineering concepts and incident response methodologies.
• Experience building or maturing operational processes, dashboards, metrics, and cross-functional escalation models.
• Strong verbal and written communication skills with the ability to brief both technical teams and executive stakeholders.
• Working knowledge of cybersecurity frameworks and standards such as NIST, MITRE ATT&CK, CIS Controls, and incident handling best practices.

Nice To Haves

• Experience leading security operations in cloud-first or hybrid enterprise environments.
• Hands-on familiarity with detection-as-code, automation, and threat-informed defense practices.
• Knowledge of digital forensics, malware triage, insider threat monitoring, or purple team collaboration.
• Relevant certifications such as CISSP, GCIH, GCIA, GCED, CISM, or similar.
• Experience in environments with complex audit and compliance requirements.

Responsibilities

• Lead and develop the cyber threat detection and response function, including analysts, detection engineers, and incident responders.
• Define and execute the roadmap for threat detection, alert tuning, threat hunting, and response process maturity.
• Oversee MSSP and internal development and optimization of high-fidelity detections across SIEM, EDR, identity, cloud, email, and network telemetry sources.
• Translate threat intelligence, adversary techniques, and incident learnings into actionable detection content mapped to frameworks such as MITRE ATT&CK.
• Direct incident response activities for high-priority cybersecurity events, including triage, containment, investigation, eradication, recovery, and post-incident review.
• Partner closely with security engineering, infrastructure, cloud, legal, HR, privacy, and business stakeholders to improve readiness and response coordination.
• Establish and monitor metrics such as mean time to detect, mean time to respond, and control effectiveness.
• Drive automation and orchestration initiatives that improve investigation speed, response consistency, and analyst efficiency.
• Maintain and mature playbooks, runbooks, escalation procedures, and executive reporting processes.
• Support audits, compliance activities, tabletop exercises, and security program reviews related to detection and response capabilities.

Benefits

• Medical, dental, and vision insurance
• Remote-flexible workforce
• Wellness Programs
• 401(k) program with employer match
• Flexible paid time off
• Generous Parental Leave
• Donations for Doers
• Pet insurance, legal and identity protection
• Tuition reimbursement program