Vice President - Threat Detection Engineer

Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.

As a Vice President - Threat Detection Engineer you will contribute deep expertise in adversary behavior, strong security engineering and data analysis skills, and the ability to convert threat intelligence into effective detection. You will regularly collaborate with cross-functional teams to develop a coordinated approach to security, ensuring the integrity, confidentiality, and availability of sensitive data and systems. You will apply advanced analytical, technical, and problem-solving skills to enable operational excellence and implement innovative solutions to address complex security challenges. By staying current with industry best practices, policies, and procedures, you will contribute to maintaining a secure digital environment and driving continuous improvement in the firm.

Collaborating closely with Security Operations Center (SOC) analysts, threat hunter, red team members, and internal security engineering teams, you will develop scalable, high-fidelity detections using logs, telemetry, and behavioral analytics from diverse data sources. The ideal candidate will have SOC experience, a passions for researching TTPs and the threat landscape, and the ability to translate this research into high-quality detections.

As a Threat Detection Engineer, your responsibilities will include advanced analysis, threat hunting, evaluating new security technologies, and ensuring the integration of larger technology projects into the Cyber Defense team and monitoring function. You will apply advanced analytical, technical, and problem-solving skills to achieve operations excellence.

Job responsibilities

• Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats
• Design, implement, and continuously refine advanced threat detection rules, logic, and models in SIEM, EDR, and cloud-native platforms (e.g., Splunk, Sentinel, CrowdStrike, AWS / Azure / GCP).
• Utilize detection-as-code- pipelines and SRE principles to build and maintain detections with appropriate versioning, QA, and testing workflows.
• Perform threat model review, architecture reviews and detection gap assessments.
• Operationalize MITRE ATT&CK mappings, threat intel insights, and adversary simulations results to develop precise detection logic.
• Proactively monitor and analyze complex data and systems to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response
• Collaborate with cross-functional teams to ensure a coordinated approach to security, sharing insights, and promoting best practices across the organization
• Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.

Required qualifications, capabilities, and skills

Preferred qualifications, capabilities, and skills

#J-18808-Ljbffr