Cox Automotive
Senior Cybersecurity Detection Engineering Manager
Cox Automotive, Lynbrook, New York, United States, 11564
Join our dynamic team as a Senior Cybersecurity Detection Engineering Manager, where you will lead and inspire a group of Detection Engineers focused on enhancing our advanced detection capabilities to combat emerging cyber threats. This critical leadership role is designed to elevate Cox Automotive's Cyber Defense practice, empowering swift threat responses and automated remediation. You will develop the strategic vision for the Detection Engineering program and implement metrics to ensure ongoing improvement and effectiveness.
Key Responsibilities:
Develop and execute a comprehensive detection engineering strategy, roadmap, and objectives.
Design and implement cutting-edge threat detection techniques utilizing SIEM, EDR, NDR, and SOAR platforms.
Create innovative detection rules, automated remediation playbooks, and alerts customized to our organizational threat landscape.
Use the MITRE ATT&CK framework to map and evaluate detection coverage across tactics and techniques, and address any gaps identified.
Continuously monitor and enhance the performance, scalability, and effectiveness of detection systems.
Collaborate closely with the Threat Detection and Response team to bolster our cybersecurity capabilities for efficient threat identification and management.
Conduct attack simulation tests to validate the effectiveness of detection use cases alongside the Vulnerability Management team.
Oversee the management of SIEM/Data Lake infrastructure and log ingestion, working closely with Cyber Defense Engineering.
Evaluate and fine-tune detection capabilities, ensuring continual improvement.
Maintain up-to-date operational guidelines, documentation, and diagrams pertaining to security detection and response.
Incident Response Support:
Work in partnership with the incident response team to ensure the swift detection and containment of threats.
Offer technical guidance to create detection use cases during high-severity security incidents.
Drive ongoing improvements in detection and response processes based on insights gained from incidents.
Provide off-hours support as necessary for security operations.
Threat Intelligence Integration:
Integrate threat intelligence to bolster detection capabilities and proactively address risks.
Analyze new and evolving threat vectors for inclusion in detection strategies.
Collaborative Engagement:
Partner with various Cybersecurity, Engineering, and Product teams to align detection strategies with our business objectives.
Effectively communicate detection capabilities and findings to both technical and non-technical stakeholders, including executive leadership.
Governance and Compliance:
Ensure detection processes and tools comply with applicable regulatory and industry standards (e.g., GDPR, PCI DSS, NIST).
Document detection strategies, processes, and configurations meticulously.
Qualifications:
Bachelor's degree in Computer Science or a related field with 8+ years of relevant experience; alternatively, a Master's degree with 6 years or a Ph.D. with 3 years of experience will be considered.
Experience across multi-cloud environments including AWS, Azure, and GCP.
Expertise in Detection Engineering and Security Operations.
3+ years of experience in a management or leadership role with direct people management responsibilities.
Strong background in Information Security, Network Security, Security Monitoring, and Incident Response.
Proficient in developing SIEM/SOAR detection and automation use cases.
Hands-on experience with industry-standard security technologies including Threat Intelligence, Firewalls, SASE, IPS, Endpoint Security, and Data Lakes.
Deep understanding of attacker methodology frameworks such as the Cyber Kill Chain and the Diamond Model of Intrusion Analysis.
5+ years of experience in an Incident Response or Security Operations role.
3+ years of leadership experience in a SOC or equivalent environment.
Must reside within a commutable distance to North Hills NY or Atlanta GA and be willing to be onsite three times a week.
Preferred Qualifications:
Relevant certifications such as GSEC, GCIA, GCFA, CISA, CISSP, or similar.
Experience in Development/Dev Ops, Engineering, Network, or System Administration.
Compensation:
The base salary ranges from $173,900.00 to $289,800.00, influenced by location, expertise, and skills. Potential additional compensation may include incentive programs.
Benefits:
Enjoy flexible vacation time, seven paid holidays, and up to 160 hours of annual paid wellness time for personal or family wellness. Additional paid time off is available for bereavement, voting, jury duty, volunteering, military service, and parental leave.