PRI Technology
The Endpoint Detection Director will lead a team of detection engineers for designing, developing and maintaining advanced threat detection capabilities. This role is critical for the organization in identifying cyber threats and malicious activity.
This is a full time opportunity working for one of the top 500 enterprise organizations with 70,000+ employees. Previous management and/or mentoring skills are a must.
This role is 4 days onsite, 1 day remote in Austin, TX. It does come with a very generous base salary and employee comp package.
Responsibilities:
Manage and mentor a team of detection engineers, fostering a culture of innovation, collaboration, and technical excellence. Define and execute detection engineering strategy aligned with business risk and organizational goals. Lead initiatives to automate detection engineering workflows and improve team efficiency. Develop and optimize detection logic, signatures, and analytics across SIEM, EDR, and cloud-native platforms. Oversee hypothesis-based threat hunting campaigns performed by team members. Integrate threat intelligence into detection and response workflows to enhance situational awareness. Translate threat actor behaviors into actionable detections using frameworks like MITRE ATT&CK and the Cyber Kill Chain. Conduct threat modeling and detection gap analysis to continuously improve detection coverage. Ensure detection logic is tested, validated, and tuned for accuracy and performance. Collaborate with SOC, threat intelligence, and incident response teams to align detection efforts with operational needs. Partner with IT, OT, and service providers to ensure visibility and coverage across enterprise and industrial environments. Communicate detection strategies, risks, and outcomes effectively to technical and non-technical stakeholders, including executive leadership. Ensure detection engineering practices support compliance with internal policies and external regulatory requirements. Qualifications:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 7+ years of experience in cybersecurity, with at least 3 years in a leadership or technical lead role focused on detection engineering or threat detection. Hands-on experience with SIEM platforms and EDR solutions. Relevant certifications such as GIAC, CISSP, or equivalent are highly desirable. Displays a proven track record in leading and managing a threat response team with emphasis on proactive threat identification, analysis and incident identification. Ability to apply threat intelligence to identify, assess, and report on current advanced threats. Deep understanding of threat detection technologies including SIEM, EDR, and cloud-native tools. Proficiency in detection scripting languages such as KQL and Sigma. Strong knowledge of adversary tactics and techniques, including MITRE ATT&CK and the Cyber Kill Chain. Ability to define and execute detection engineering strategies aligned with business risk. Skilled in cross-functional collaboration with SOC, IR, threat Client, and IT/OT teams. Passion for automation and continuous improvement in detection engineering workflows. Base pay range: $200,000.00/yr - $220,000.00/yr. Additional compensation types include Annual Bonus, Sign-on bonus, and RSUs.
#J-18808-Ljbffr
Manage and mentor a team of detection engineers, fostering a culture of innovation, collaboration, and technical excellence. Define and execute detection engineering strategy aligned with business risk and organizational goals. Lead initiatives to automate detection engineering workflows and improve team efficiency. Develop and optimize detection logic, signatures, and analytics across SIEM, EDR, and cloud-native platforms. Oversee hypothesis-based threat hunting campaigns performed by team members. Integrate threat intelligence into detection and response workflows to enhance situational awareness. Translate threat actor behaviors into actionable detections using frameworks like MITRE ATT&CK and the Cyber Kill Chain. Conduct threat modeling and detection gap analysis to continuously improve detection coverage. Ensure detection logic is tested, validated, and tuned for accuracy and performance. Collaborate with SOC, threat intelligence, and incident response teams to align detection efforts with operational needs. Partner with IT, OT, and service providers to ensure visibility and coverage across enterprise and industrial environments. Communicate detection strategies, risks, and outcomes effectively to technical and non-technical stakeholders, including executive leadership. Ensure detection engineering practices support compliance with internal policies and external regulatory requirements. Qualifications:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 7+ years of experience in cybersecurity, with at least 3 years in a leadership or technical lead role focused on detection engineering or threat detection. Hands-on experience with SIEM platforms and EDR solutions. Relevant certifications such as GIAC, CISSP, or equivalent are highly desirable. Displays a proven track record in leading and managing a threat response team with emphasis on proactive threat identification, analysis and incident identification. Ability to apply threat intelligence to identify, assess, and report on current advanced threats. Deep understanding of threat detection technologies including SIEM, EDR, and cloud-native tools. Proficiency in detection scripting languages such as KQL and Sigma. Strong knowledge of adversary tactics and techniques, including MITRE ATT&CK and the Cyber Kill Chain. Ability to define and execute detection engineering strategies aligned with business risk. Skilled in cross-functional collaboration with SOC, IR, threat Client, and IT/OT teams. Passion for automation and continuous improvement in detection engineering workflows. Base pay range: $200,000.00/yr - $220,000.00/yr. Additional compensation types include Annual Bonus, Sign-on bonus, and RSUs.
#J-18808-Ljbffr