The Detection Engineering Manager will lead a team of skilled engineers responsible for designing, developing, and maintaining advanced threat detection capabilities across enterprise and manufacturing environments. This role is pivotal in proactively identifying malicious activity, reducing dwell time, and enhancing the organization’s ability to detect and respond to cyber threats.
Requirements
- Deep understanding of threat detection technologies including SIEM, EDR, and cloud-native tools.
- Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel) and EDR solutions (e.g., CrowdStrike, Defender for Endpoint)
- Proficiency in detection scripting languages such as KQL and Sigma
- Strong knowledge of adversary tactics and techniques, including MITRE ATT&CK and the Cyber Kill Chain.
- Ability to define and execute detection engineering strategies aligned with business risk.
- Skilled in cross-functional collaboration with SOC, IR, threat intel, and IT/OT teams.
- Passion for automation and continuous improvement in detection engineering workflows.
Responsibilities
- Develop and optimize detection logic, signatures, and analytics across SIEM, EDR, and cloud-native platforms.
- Oversee hypothesis-based threat hunting campaigns performed by team members
- Integrate threat intelligence into detection and response workflows to enhance situational awareness.
- Translate threat actor behaviors into actionable detections using frameworks like MITRE ATT&CK and the Cyber Kill Chain.
- Conduct threat modeling and detection gap analysis to continuously improve detection coverage.
- Ensure detection logic is tested, validated, and tuned for accuracy and performance.
- Stay current with emerging threats, tools, and techniques to maintain cutting-edge detection capabilities.
Other
- Manage and mentor a team of detection engineers, fostering a culture of innovation, collaboration, and technical excellence.
- Define and execute detection engineering strategy aligned with business risk and organizational goals.
- Lead initiatives to automate detection engineering workflows and improve team efficiency.
- Oversee the full lifecycle of detection engineering projects, including prioritization, resource allocation, and performance tracking.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (completed and verified prior to star) from an accredited university.
