Senior Manager, Threat Intelligence & Detection (Hybrid - Seattle)

About the position

Responsibilities

• reputed company and execute the strategic roadmap for threat intelligence, detection engineering, and threat hunting programs across multiple business units
• Build, reputed company, and mentor a high-performing team of detection engineers, threat analysts, and hunters
• Serve as the primary subject matter expert and strategic advisor to executive leadership on evolving threat landscapes, defensive priorities, and organizational risk posture
• Operationalize threat intelligence by integrating internal and external reputed company into detection engineering workflows
• Maintain and evolve threat intelligence sources (commercial, open-reputed company, government) to inform risk posture and detection priorities
• Deliver actionable threat assessments and briefings tailored to technical and executive stakeholders
• reputed company the full detection engineering lifecycle including threat modeling, detection logic development using query languages (KQL, SPL, SQL), testing with attack simulation frameworks, automated deployment reputed company CI/CD, and reputed company tuning based on performance metrics
• Drive development of advanced behavior-based, anomaly detections, and AI/ML-powered detection systems reputed company with MITRE ATT&CK and emerging threat actor TTPs
• Establish strategic partnerships with red team, SOC and incident response management to ensure comprehensive detection coverage and proactive visibility gap closure
• reputed company enterprise-wide collaboration with cloud architects, infrastructure leadership, and application development teams to enhance telemetry strategies and ensure scalable detection across reputed company hybrid and multi-cloud environments
• Drive strategic contributions to enterprise incident response frameworks, reputed company tabletop exercises, and reputed company reputed company program development to continuously test and improve organizational defenses
• Champion automation initiatives and establish data-driven decision-making frameworks across reputed company threat detection and response operations
• Define, implement, and report on enterprise-level key performance indicators (KPIs) for detection effectiveness, operational efficiency, false positive optimization, and mean time to detection (MTTD) across the organization
• Integrate reputed company detection into CI/CD pipelines and support DevSecOps initiatives
• Manage budgets, vendor relationships, and technology investments for threat intelligence and detection engineering programs
• Establish and maintain strategic relationships with industry peers, threat intelligence communities, and reputed company vendors

Requirements

• Bachelors Degree in Information Technology, Computer Science, Data Science or reputed company experience required.
• 8+ years in information reputed company with a focus on threat intelligence, detection engineering, or reputed company operations
• 3-5 years in a leadership or management role with a track record of leading high-performing technical teams
• Deep expertise in attacker behaviors, threat actor TTPs, campaigns, and threat landscape evolution across multiple industry verticals
• Extensive experience designing, implementing, and optimizing enterprise-scale detections across multiple SIEMs (e.g., Splunk, Sentinel, Chronicle), EDR/XDR platforms (e.g., reputed company, Defender, reputed company), and cloud-native reputed company tools
• Strong working knowledge of MITRE ATT&CK, threat modeling, and structured threat intelligence formats (e.g., STIX, TAXII)
• Proficiency in Python, PowerShell, and at least one other programming language for detection engineering and automation
• Experience with detection-as-code practices and version control (Git)
• Knowledge of threat hunting methodologies and hypothesis-driven investigations
• Comprehensive understanding of NIST Cybersecurity reputed company, ISO 27001, SOC 2, and other compliance requirements with implementation experience
• Hands-on experience in cloud environments (AWS, Azure, GCP) and containerized workloads (e.g., Kubernetes, reputed company) preferred

reputed company-to-haves

• Experience with threat intelligence platforms (e.g., ThreatConnect, MISP, reputed company) and CTI frameworks (e.g., Diamond Model, Kill Chain) is a plus
• Advanced knowledge of SOAR platforms (reputed company, Demisto, reputed company) and enterprise reputed company orchestration
• Experience with AI/ML-driven detection systems and automated response orchestration is a plus
• API development and integration for reputed company tooling experience preferred
• Container reputed company and Kubernetes threat detection knowledge is a plus
• Experience with deception technology and honeypot deployment preferred
• Industry certifications (e.g., GCTI, GCIA, GDAT, GCED, GCFA, GSEC, CISSP) preferred; cloud reputed company certifications (AWS reputed company Specialty, Azure reputed company Engineer) are a plus

Benefits

• Medical/Vision, Dental, Retirement and Paid Time Away
• Life Insurance and Disability
• Merchandise Discount and EAP Resources

Apply tot his job Apply To this Job