Talent.com
Senior Cybersecurity Detection Engineering Manager

Cox Automotive · Doraville, GA, United States
30+ days ago
Job type
  • Full-time
Job description

Join our dynamic team as the Senior Cybersecurity Detection Engineering Manager, where you will spearhead a team of Detection Engineers dedicated to designing, implementing, and maintaining state-of-the-art detection capabilities that protect our organization from ever-evolving cyber threats. This is a critical role to advance Cox Automotive's Cyber Defense strategy, facilitating rapid threat response and automated remediation.

In this pivotal position, you will:

  • Define and execute a comprehensive detection engineering strategy and roadmap to meet organizational objectives.
  • Design and deploy advanced threat detection techniques utilizing leading tools such as SIEM, EDR, NDR, and SOAR platforms.
  • Create innovative and tailored detection rules, automated remediation processes, playbooks, and alerts aligned with our threat landscape for enterprise and customer security.
  • Employ industry-standard MITRE frameworks to ensure comprehensive detection coverage and address gaps proactively.
  • Continuously monitor, optimize, and enhance detection systems for performance, scalability, and effectiveness.
  • Collaborate with the Threat Detection and Response team to bolster cybersecurity capabilities in efficiently identifying, managing, and responding to threats.
  • Conduct attack simulations to validate the effectiveness of detection use cases and participate in purple teaming exercises with the Vulnerability Management team.
  • Oversee SIEM / Data Lake data management and the log ingestion infrastructure, working closely with Cyber Defense Engineering.
  • Evaluate and refine detection capabilities, tuning or decommissioning them as necessary.
  • Maintain up-to-date operational guidelines, diagrams, and documentation for detection and response processes.

In addition to cybersecurity detection engineering, you will support our incident response initiatives by:

  • Working alongside the incident response team to ensure swift detection and containment of cyber threats.
  • Providing technical expertise to develop detection use cases during critical security incidents.
  • Continually refining detection and response procedures based on insights gained from incidents.
  • Taking on additional responsibilities as needed to address emerging security threats.
  • Offering off-hour support as necessary for security administration, detection, and response activities.

You will also integrate threat intelligence to:

  • Enhance detection capabilities and proactively mitigate risks.
  • Identify and analyze new and emerging threat vectors, incorporating them into detection strategies.

Collaboration with stakeholders is key, so you will:

  • Partner with Cybersecurity, Engineering, and Product teams to align detection strategies with organizational goals.
  • Effectively communicate detection capabilities and findings to both technical and non-technical stakeholders, including executive leadership.

We prioritize governance and compliance, ensuring:

  • All detection processes and tools meet regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST).
  • Comprehensive documentation of detection strategies, processes, and configurations is maintained.

Professional Technology Skills Required:

  • A proven history of building scalable teams with top-notch threat detection capabilities.
  • Technical skills in conducting large-scale security investigations across endpoints, cloud, identity, network, and email threats.
  • Experience collaborating with internal IT teams and external MSSPs on creating and operationalizing Detection Engineering use cases for WAF, DDoS Protection, Email systems, DLP, AV, and Endpoint security technologies.
  • Working knowledge of Detection & Response tools for network, endpoints, cloud, identity, and SOAR platforms.
  • Ability to apply security Threat Intelligence for identifying new threat vectors.
  • Leadership in projects aimed at enhancing security monitoring and response capabilities.
  • A solid background in security engineering and architecture to deploy effective security measures.
  • Understanding of operating system internals, including Linux, MacOS, and Windows.
  • Strong communication skills to convey security issues to management and stakeholders.
  • Maintain and manage detection use case and SIEM configuration standards for security practices.
  • Foster and mentor team members pursuing careers in detection engineering.
  • Manage relationships with organizational leaders to drive initiatives and achieve objectives.
  • A basic understanding of Machine Learning concepts in connection with predictive analytics.

Essential Knowledge, Experience & Qualifications:

  • Bachelor's degree in Computer Science or equivalent, with 8+ years of relevant professional experience (alternative combinations such as a master's degree with 6 years or substantial experience may also be considered).
  • Experience in multi-cloud security across AWS, Azure, and GCP.
  • Expert-level knowledge in Detection Engineering and Security Operations.
  • 3+ years of management or leadership experience involving direct people management.
  • Strong background in Information Security, Network Security, Security Monitoring, and Incident Response.
  • Experience in developing SIEM / SOAR detection and automation use cases.
  • Familiarity with standard security technologies like Threat Intelligence, Firewalls, SASE, IPS, Endpoint Security, DLP, SIEM / SOAR, and Data Lakes.
  • In-depth understanding of the attack kill chain and diamond model.
  • 5+ years of experience in Incident Response or Security Operations roles.
  • 3+ years of leadership experience within a SOC or related function.
  • Willingness to work onsite three times a week in North Hills, NY or Atlanta, GA.
  • Authorization to work in the United States without current or future sponsorship is required.

Desired Qualifications:

  • Relevant certifications such as GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA.
  • Experience in development, DevOps, engineering, network, or system administration.

Compensation:

Base salary ranges from $173,900.00 to $289,800.00, varying by location and candidate qualifications, with potential for additional incentives.

Benefits:

Eligible employees enjoy flexible vacation policies, paid holidays, and extensive wellness-based leave. Additional paid leave options include bereavement, voting time off, jury duty, volunteer time, military leave, and parental leave.