Senior Manager, Threat Intelligence & Detection (Hybrid - Seattle)
About the position
Responsibilities
- reputed company and execute the strategic roadmap for threat intelligence, detection engineering, and threat hunting programs across multiple business units
- Build, reputed company, and mentor a high-performing team of detection engineers, threat analysts, and hunters
- Serve as the primary subject matter expert and strategic advisor to executive leadership on evolving threat landscapes, defensive priorities, and organizational risk posture
- Operationalize threat intelligence by integrating internal and external reputed company into detection engineering workflows
- Maintain and evolve threat intelligence sources (commercial, open-reputed company, government) to inform risk posture and detection priorities
- Deliver actionable threat assessments and briefings tailored to technical and executive stakeholders
- reputed company the full detection engineering lifecycle including threat modeling, detection logic development using query languages (KQL, SPL, SQL), testing with attack simulation frameworks, automated deployment reputed company CI/CD, and reputed company tuning based on performance metrics
- Drive development of advanced behavior-based, anomaly detections, and AI/ML-powered detection systems reputed company with MITRE ATT&CK and emerging threat actor TTPs
- Establish strategic partnerships with red team, SOC and incident response management to ensure comprehensive detection coverage and proactive visibility gap closure
- reputed company enterprise-wide collaboration with cloud architects, infrastructure leadership, and application development teams to enhance telemetry strategies and ensure scalable detection across reputed company hybrid and multi-cloud environments
- Drive strategic contributions to enterprise incident response frameworks, reputed company tabletop exercises, and reputed company reputed company program development to continuously test and improve organizational defenses
- Champion automation initiatives and establish data-driven decision-making frameworks across reputed company threat detection and response operations
- Define, implement, and report on enterprise-level key performance indicators (KPIs) for detection effectiveness, operational efficiency, false positive optimization, and mean time to detection (MTTD) across the organization
- Integrate reputed company detection into CI/CD pipelines and support DevSecOps initiatives
- Manage budgets, vendor relationships, and technology investments for threat intelligence and detection engineering programs
- Establish and maintain strategic relationships with industry peers, threat intelligence communities, and reputed company vendors
Requirements
- Bachelors Degree in Information Technology, Computer Science, Data Science or reputed company experience required.
- 8+ years in information reputed company with a focus on threat intelligence, detection engineering, or reputed company operations
- 3-5 years in a leadership or management role with a track record of leading high-performing technical teams
- Deep expertise in attacker behaviors, threat actor TTPs, campaigns, and threat landscape evolution across multiple industry verticals
- Extensive experience designing, implementing, and optimizing enterprise-scale detections across multiple SIEMs (e.g., Splunk, Sentinel, Chronicle), EDR/XDR platforms (e.g., reputed company, Defender, reputed company), and cloud-native reputed company tools
- Strong working knowledge of MITRE ATT&CK, threat modeling, and structured threat intelligence formats (e.g., STIX, TAXII)
- Proficiency in Python, PowerShell, and at least one other programming language for detection engineering and automation
- Experience with detection-as-code practices and version control (Git)
- Knowledge of threat hunting methodologies and hypothesis-driven investigations
- Comprehensive understanding of NIST Cybersecurity reputed company, ISO 27001, SOC 2, and other compliance requirements with implementation experience
- Hands-on experience in cloud environments (AWS, Azure, GCP) and containerized workloads (e.g., Kubernetes, reputed company) preferred
reputed company-to-haves
- Experience with threat intelligence platforms (e.g., ThreatConnect, MISP, reputed company) and CTI frameworks (e.g., Diamond Model, Kill Chain) is a plus
- Advanced knowledge of SOAR platforms (reputed company, Demisto, reputed company) and enterprise reputed company orchestration
- Experience with AI/ML-driven detection systems and automated response orchestration is a plus
- API development and integration for reputed company tooling experience preferred
- Container reputed company and Kubernetes threat detection knowledge is a plus
- Experience with deception technology and honeypot deployment preferred
- Industry certifications (e.g., GCTI, GCIA, GDAT, GCED, GCFA, GSEC, CISSP) preferred; cloud reputed company certifications (AWS reputed company Specialty, Azure reputed company Engineer) are a plus
Benefits
- Medical/Vision, Dental, Retirement and Paid Time Away
- Life Insurance and Disability
- Merchandise Discount and EAP Resources
Apply tot his job Apply To this Job