Manager, Detection Engineering

Who We Are Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats.

The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on the Forbes Best Start-up Employers 2022 list.  If our mission resonates with you, let’s talk.

What We Believe In

• Do what’s right for the customer
• Be kind and authentic
• Deliver great quality
• Be relentless

Challenges You Will Solve The Customer Security Operations (CSO) team continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering. We have a tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine. We are currently hiring for an empowered people manager actively looking for opportunities to positively disrupt the status quo and improve our product, people, and processes. 

The security landscape is always shifting and introducing new adversaries. The Red Canary CSO operates 24/7 to track down threats in data and deliver fast and practical detections to our customers. We analyze signals from our customers on a continuous basis to detect threats on endpoints, in clouds, through networks and emails, and identities.

Your team is on the front line of detection focused on denying cyber adversaries the opportunity to do damage. You’ll be responsible for leading a group of Detection Engineers, working alongside other managers and peer teams, to identify and investigate threats in our customers’ telemetry. This role has the responsibility of managing, coaching, and mentoring highly technical direct reports and championing operational initiatives that make your team most effective in delivering positive security outcomes.

What You'll Do

• Lead a tight-knit team of Detection Engineers who are responsible for the analysis and delivery of accurate, complete, and timely  threat detections
• Manage, mentor, and coach technical direct reports
• Serve as a mentor and source of knowledge for new and growing managers
• Participate as part of the CSO leadership team to measure, monitor, and continuously improve our operations
• Define and manage operational metrics, reporting them on a regular cadence to executive leadership
• Act as a champion for our security operations platform while rallying and leading multiple internal Red Canary resources to create widespread change
• Build and maintain relationships across security operations, product management, engineering, community, support, and our customers to ensure the best possible customer experience
• Lead root cause analysis for detection quality issues and directing next steps to address and prevent recurrence
• Build relationships and engage with customers, respond to questions and escalations about our detections, and positively impact Red Canary’s product roadmap by helping to prioritize features and improvements requested by our customers

What You'll Bring

• 7+ years experience working in a Security Operations Center (SOC) or security engineering team
• 3+ years of previous people management experience leading diverse and distributed teams
• Unshakeable desire to mentor, coach, and manage highly technical direct and indirect reports
• Proficiency creating and managing operational metrics that increase team efficiencies and quality
• Experience working within high-pressure environments and acting as an escalation point for customers
• Ability to manage effective relationships with organizational leaders and drive broad initiatives to completion
• Proven ability to effectively explain complex technical concepts to a broad audience
• Technical proficiency performing security investigations at scale; including endpoint, cloud, identity, network, and email threats
• Experience working with security frameworks like MITRE ATT&CK; ability to track and discuss an attack through the cyber killchain
• Practical knowledge of Detection & Response tools for endpoints, cloud, and identity
• Experience with software development, databases, SIEMs, or security automation highly preferred