- Company Name
- BlueSky Resource Solutions
- Job Title
- Sr. Manager of Cybersecurity Detection Engineering
- Job Description
Job title: Senior Manager, Cybersecurity Detection Engineering
Role Summary: Leads a team of Detection Engineers to design, implement, and maintain advanced threat detection capabilities, ensuring rapid response and automated remediation across SIEM, EDR, NDR, and SOAR platforms. Drives detection strategy, roadmap, metrics, and continuous improvement while collaborating with incident response, threat intelligence, engineering, and compliance functions.
Expectations
- Own the detection engineering strategy and roadmap, achieving measurable security improvements.
- Mentor and develop engineering talent, fostering cross‑functional collaboration.
- Maintain rigorous compliance with industry standards (GDPR, PCI‑DSS, NIST).
- Provide after‑hours support and incident response expertise as required.
Key Responsibilities
- Define detection strategy, objectives, and performance metrics.
- Design, implement, and validate custom detection rules, playbooks, and alerts.
- Use MITRE ATT&CK and other frameworks to close coverage gaps.
- Optimize detection system performance for scalability and effectiveness.
- Conduct attack simulations, purple teaming, and vulnerability coordination.
- Manage SIEM/Data Lake ingestion and infrastructure in partnership with Cyber Defense Engineering.
- Evaluate, tune, and retire detection capabilities.
- Produce and maintain operational documentation, diagrams, and guidelines.
- Support Incident Response with rapid containment and high‑severity detection use cases.
- Integrate threat intelligence to proactively mitigate risks.
- Align detection practices with product, engineering, and cybersecurity goals.
- Measure and report on detection program efficiency and quality.
Required Skills
- 8+ years of cybersecurity experience with 3+ years of management.
- Expert-level knowledge of SIEM, SOAR, EDR, NDR, and threat intelligence.
- Hands‑on experience with detection engineering across endpoint, cloud, identity, network, and email.
- Proficiency in Linux, macOS, Windows internals, and data ingestion in multi‑cloud (AWS, Azure, GCP).
- Ability to design automated remediation playbooks and detection use cases.
- Strong communication skills for technical and non‑technical audiences.
- Experience in metrics development, continuous improvement, and documentation.
- Knowledge of machine learning concepts applied to predictive security analytics.
Required Education & Certifications
- Bachelor’s degree in Computer Science or equivalent professional experience (advanced degrees accepted).
- Certifications preferred: CISSP, CISM, CEH, or relevant SIEM/SOAR qualification.