Engineering Manager, Detect & Respond

A Day in the Life

Detection Program Strategy: Help own, drive, and execute the Detection Engineering roadmap, balancing new capability development with the operational health of existing systems, including driving threat-informed, TTP-aligned detection development across the team.

Detection Quality: Work with engineers and the business to maintain and refine the measurement framework for detection health, coverage, precision, false positive rates, and safe rollout practices, holding the team to a continuously improving bar.

Threat Modeling: Set expectations for how the team engages with engineering and infrastructure partners on new systems, ensuring D&R requirements (telemetry, threat models, response playbooks) are defined before systems ship.

Incident Response Leadership: Lead or oversee the team's response to security incidents, ensuring clear ownership, fast time-to-contain, and strong post-incident review practices.

Team Leadership: Lead, mentor, and grow a team of detection engineers, investing in their craft and careers.

External SOC Partnership: Partner with our external SOC to define scope, improve triage quality, and identify opportunities to hand off well-defined alert handling.

Cross-functional Collaboration: Collaborate with IT, Risk, Compliance, and the broader Security Engineering team to understand security priorities and translate them into engineering work. Represent Detection Engineering across the organization, making security work legible to non-security teams and building strong stakeholder relationships.

Engineering Quality: Hold a high bar for engineering quality, automated testing, proper observability, documented runbooks, and maintainable code.

Compliance: Lead the team through audits (SOC 2, ISO 27001, etc.), ensuring detection infrastructure supports compliance evidence and control requirements.

What We're Looking For

• 7+ years in security engineering or operations, with 2+ years managing security or detection engineering teams including senior engineers.
• Player-Coach: A track record as a true player-coach, comfortable going deep on technical problems while also leading people and programs.
• Detection Expertise: Strong background in SIEM platforms (Splunk preferred), detection-as-code practices, and threat-informed detection development including familiarity with adversary TTPs and frameworks like MITRE ATT&CK.
• Incident Response: Experience leading or overseeing incident response, including establishing IR playbooks and driving post-incident review practices.
• External SOC: Experience working with or managing an external SOC, including defining escalation paths and performance expectations.
• Cloud & Tooling: Familiarity with cloud environments (AWS), endpoint security (CrowdStrike or similar), and identity platforms (Okta or similar).
• Engineering Quality: Passion for engineering quality, you hold the team to the same standards as any product engineering team.
• Compliance: Experience collaborating with Compliance, Risk, and Audit teams on security controls and evidence collection.
• Communication: Clear, direct communicator who can translate security context for technical and non-technical audiences alike.

Compensation:
New York City: $175,000 - $215,000 base salary. Eligible for variable compensation in the form of a company incentive bonus.