Perennial Resources International
Detection Engineering Manager
Perennial Resources International, Saint Paul, Minnesota, United States, 55130
The Detection Engineering Manager will lead a team of skilled engineers responsible for designing, developing, and maintaining advanced threat detection capabilities across enterprise and manufacturing environments. This role is pivotal in proactively identifying malicious activity, reducing dwell time, and enhancing the organization's ability to detect and respond to cyber threats. The ideal candidate will combine deep technical expertise with strong leadership and a passion for innovation in cybersecurity.
Key Responsibilities:
Management
Manage and mentor a team of detection engineers, fostering a culture of innovation, collaboration, and technical excellence. Define and execute detection engineering strategy aligned with business risk and organizational goals. Lead initiatives to automate detection engineering workflows and improve team efficiency. Oversee the full lifecycle of detection engineering projects, including prioritization, resource allocation, and performance tracking. Technical
Develop and optimize detection logic, signatures, and analytics across SIEM, EDR, and cloud-native platforms. Oversee hypothesis-based threat hunting campaigns performed by team members Integrate threat intelligence into detection and response workflows to enhance situational awareness. Translate threat actor behaviors into actionable detections using frameworks like MITRE Telecommunication&CK and the Cyber Kill Chain. Conduct threat modeling and detection gap analysis to continuously improve detection coverage. Ensure detection logic is tested, validated, and tuned for accuracy and performance. Stay current with emerging threats, tools, and techniques to maintain cutting-edge detection capabilities. Organizational
Collaborate with SOC, threat intelligence, and incident response teams to align detection efforts with operational needs. Partner with IT, OT, and service providers to ensure visibility and coverage across enterprise and industrial environments. Communicate detection strategies, risks, and outcomes effectively to technical and non-technical stakeholders, including executive leadership. Ensure detection engineering practices support compliance with internal policies and external regulatory requirements. Your Skills and Expertise: :
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (completed and verified prior to star) from an accredited university. 7+ years of experience in cybersecurity, with at least 3 years in a leadership or technical lead role focused on detection engineering or threat detection. Additional qualifications that could help you succeed even further in this role include:
Master's degree preferred. Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel) and EDR solutions (e.g., CrowdStrike, Defender for Endpoint) Relevant certifications such as GIAC (GCIA, GDAT, GCTD), CISSP, or equivalent are highly desirable. Displays a proven track record in leading and managing a threat response team with emphasis on proactive threat identification, analysis and incident identification. Ability to apply threat intelligence to identify, assess, and report on current advanced threats Ability to present technical concepts to non-technical audiences Presents a detailed understanding of emerging threat landscape, including threat actor classifications Keeps abreast of adversary tactics, techniques and procedures, intelligence reporting Stays current with the cyber intelligence community to maintain/develop formal and informal sources of information and incorporate industry best practices where applicable Ability to lead, coach and advise team members; effectively manages across cultural and generational boundaries Demonstrates excellent analytical and problem-solving skills Deep understanding of threat detection technologies including SIEM, EDR, and cloud-native tools. Proficiency in detection scripting languages such as KQL and Sigma Strong knowledge of adversary tactics and techniques, including MITRE Telecommunication&CK and the Cyber Kill Chain. Ability to define and execute detection engineering strategies aligned with business risk. Skilled in cross-functional collaboration with SOC, IR, threat Client, and IT/OT teams. Passion for automation and continuous improvement in detection engineering workflows.
Key Responsibilities:
Management
Manage and mentor a team of detection engineers, fostering a culture of innovation, collaboration, and technical excellence. Define and execute detection engineering strategy aligned with business risk and organizational goals. Lead initiatives to automate detection engineering workflows and improve team efficiency. Oversee the full lifecycle of detection engineering projects, including prioritization, resource allocation, and performance tracking. Technical
Develop and optimize detection logic, signatures, and analytics across SIEM, EDR, and cloud-native platforms. Oversee hypothesis-based threat hunting campaigns performed by team members Integrate threat intelligence into detection and response workflows to enhance situational awareness. Translate threat actor behaviors into actionable detections using frameworks like MITRE Telecommunication&CK and the Cyber Kill Chain. Conduct threat modeling and detection gap analysis to continuously improve detection coverage. Ensure detection logic is tested, validated, and tuned for accuracy and performance. Stay current with emerging threats, tools, and techniques to maintain cutting-edge detection capabilities. Organizational
Collaborate with SOC, threat intelligence, and incident response teams to align detection efforts with operational needs. Partner with IT, OT, and service providers to ensure visibility and coverage across enterprise and industrial environments. Communicate detection strategies, risks, and outcomes effectively to technical and non-technical stakeholders, including executive leadership. Ensure detection engineering practices support compliance with internal policies and external regulatory requirements. Your Skills and Expertise: :
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (completed and verified prior to star) from an accredited university. 7+ years of experience in cybersecurity, with at least 3 years in a leadership or technical lead role focused on detection engineering or threat detection. Additional qualifications that could help you succeed even further in this role include:
Master's degree preferred. Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel) and EDR solutions (e.g., CrowdStrike, Defender for Endpoint) Relevant certifications such as GIAC (GCIA, GDAT, GCTD), CISSP, or equivalent are highly desirable. Displays a proven track record in leading and managing a threat response team with emphasis on proactive threat identification, analysis and incident identification. Ability to apply threat intelligence to identify, assess, and report on current advanced threats Ability to present technical concepts to non-technical audiences Presents a detailed understanding of emerging threat landscape, including threat actor classifications Keeps abreast of adversary tactics, techniques and procedures, intelligence reporting Stays current with the cyber intelligence community to maintain/develop formal and informal sources of information and incorporate industry best practices where applicable Ability to lead, coach and advise team members; effectively manages across cultural and generational boundaries Demonstrates excellent analytical and problem-solving skills Deep understanding of threat detection technologies including SIEM, EDR, and cloud-native tools. Proficiency in detection scripting languages such as KQL and Sigma Strong knowledge of adversary tactics and techniques, including MITRE Telecommunication&CK and the Cyber Kill Chain. Ability to define and execute detection engineering strategies aligned with business risk. Skilled in cross-functional collaboration with SOC, IR, threat Client, and IT/OT teams. Passion for automation and continuous improvement in detection engineering workflows.