Threat Detection Manager

closed

Experian

📍 Remote - United States

Summary

Join Experian as a Threat Detection Manager and lead a global team of threat detection engineers. This remote role involves designing, implementing, and maintaining the company's threat detection pipeline. You will promote best practices in security engineering, utilize CI/CD pipelines, and manage security tools and platforms. The position requires extensive experience in threat detection, leadership, and scripting, along with a strong understanding of security technologies and frameworks. Experian offers a competitive compensation package, including core benefits and flexible work arrangements.

Requirements

  • 10 years of experience in the Threat Detection field, preferably supporting a Cyber Threat Detection function
  • 3+ years in a leadership or managerial role overseeing a team
  • Scripting and Automation Proficiency: Demonstrated expertise in scripting and automation with a proficiency in either Python or Golang, ensuring the development of efficient, scalable security solutions
  • CI/CD and Infrastructure as Code: understanding and hands-on experience with CI/CD concepts, specifically relating to Infrastructure as Code, using platforms such as GitHub or Bitbucket to automate security operations
  • System Administration Skills: Experienced in system administration across multiple operating systems, including Linux and Windows, with an emphasis on securing and maintaining IT environments
  • Network Forensics and Event Management: Proficiency in network forensics, including logging and event management, with a focus on identifying, analyzing, and mitigating network-based threats
  • Defensive Network Infrastructure Knowledge
  • Security Monitoring Technologies: WAF, Web Proxies, UEBA, and DLP, to detect, prevent, and respond to security incidents
  • MITRE ATT&CK™ Framework Understanding: understanding of the MITRE ATT&CK™ framework, cyber threat landscapes, attack vectors, and threat actors, allowing informed decision-making and strategy development
  • Cybersecurity Framework Familiarity: Familiarity with common cybersecurity frameworks, such as NIST, or other leading practices and industry standards
  • Relevant Security Certifications: CISSP, GCIH, GCIA, or similar, demonstrating a commitment to professional development and expertise in the field

Responsibilities

  • Lead a global team of Threat Detection Engineers in the design, implementation, and maintenance of our Threat Detection Pipeline
  • Promote the use of best practices in security engineering, including secure coding, security testing, and operational incident response
  • Guide the use of Detection as Code principles, using CI/CD pipelines to automate the deployment and management of detection rules and platform configurations, ensuring fast and reliable updates across our environment
  • Implement and maintain the platform's configuration through Infrastructure as Code (IaC) using tools such as Ansible and Terraform, ensuring that our security infrastructure is scalable, reproducible, and manageable through code
  • Manage the full lifecycle of security tools and platforms, including evaluation, selection, implementation, and optimization
  • Ensure the reliability and performance of the Threat Detection Pipeline through proactive monitoring
  • Foster a culture of innovation, encouraging the team to explore new technologies and approaches that enhance our security capabilities
  • Manage the security engineering data storage and compute budget, ensuring allocation of resources through management of the data lifecycle
  • Present reports on the team's progress, operational incidents, and other relevant metrics to senior management

Benefits

  • Remote from within the US
  • Great compensation package and bonus plan
  • Core benefits including medical, dental, vision, and matching 401K
  • Flexible work environment, ability to work remote, hybrid or in-office
  • Flexible time off including volunteer time off, vacation, sick and 12 paid holidays
This job is filled or no longer available