Threat Detection Engineering Manager

Position Overview

We are seeking an experienced Threat Detection Engineering Manager to build and manage a team of Threat Detection Engineers to work in partnership with Data Scientists and Security Researchers who are developing our AI-driven Attack Signal.

Vectra's Attack Signal Production Group is responsible for building Vectra's core threat detection and prioritization technology, leveraging AI and other methods to alert customers to critical threats in their network and cloud environments. Threat Detection Engineers work closely with Data Scientists, who are developing AI models, and Security Researchers, who are researching the threat landscape and assisting modeling efforts, to extend our detection capabilities with Suricata, Sigma, and python. As a Threat Detection Engineering Manager, you will build and manage a team of Threat Detection Engineers focused across different threat landscapes and will work with other leaders focused on Data Science, Security Research, Engineering and Product Management to coordinate the team's efforts within our broader program of delivery.

Responsibilities and Accountabilities

• Build and manage a team of threat detection engineers focused across network, cloud, and identity threat surfaces

• Collaborate with site leader who is building out Vectra's office in Bangalore

• Work with coverage leads to ensure clarity of focus and goals

• Ensure quality rules are developed and evaluated through rigorous processes

• Foster a culture of continuous growth and improvement through coaching, mentoring, feedback and clear measurable outcomes.

Attitudes and Behaviors

• Focus on impact and results; work on the right things and get them done 

• Drive and resourcefulness to persevere and overcome obstacles achieving challenging goals 

• Ability and motivation to roll up the sleeves and dive deep to help the team when needed 

• Track record of successfully solving complex and ambiguous problems 

• High integrity and ability to positively collaborate with others

• Act as an anchor who can help to promote security culture within the local office

Qualifications and Experience

• 5+ years of cybersecurity experience (preferably focused on threat detection and response)

• 2+ years of technical management experience

• Excellent people, technical and communication skills. Ability to relate across multiple levels and across cultures.

• Advanced knowledge of common operating systems, services, networking protocols, logging, cloud and SaaS environments

• Knowledge of attacker techniques and tools, and prior operational experience leveraging threat intelligence to detect and respond to adversaries

• Familiarity with data utilized by detection technology, for example PCAPs, flow logs, cloud logs, etc.

• Expertise in tools and techniques for analyzing large sets of data

• Experience with Bash, python, Sigma, Suricata, YARA-L, etc.

• Unix/Linux proficiency 

• Scripting, software development, engineering, and/or devops experience; experience with a source control system, preferably Git