Apollo
Engineering Manager, Security Detection & Response
Rol remoto de Security Detection & Response con fit claro de ubicación del candidato.
Publicado14 jul 2026
Países elegibles1 país aceptado
Señal de seniorityLead
Modelo de trabajoRemoto
Ubicaciones aceptadas para candidatos
Estados Unidos
Resumen del rol
Engineering Manager, Security Detection & Response
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
Security Incident Leadership & Response
- Own and continuously improve end-to-end detection, investigation, response, post-incident review, and threat intelligence-informed improvement processes, including AI-assisted triage and investigation workflows.
- Lead complex and high-severity incidents with clear decision-making, effective stakeholder communication, and accountable follow-through on remediation.
- Stay technically engaged in investigations across cloud infrastructure, SaaS platforms, corporate systems, user behavior, and abuse scenarios, and translate incident learnings, platform changes, and threat trends into Security Detection & Response priorities.
Security Observability, Detection Engineering, Automation & AI
- Define and evolve security observability and detection strategy, including telemetry onboarding, signal quality, threat intelligence inputs, alert tuning, and coverage validation.
- Oversee Panther detections, MITRE ATT&CK-aligned use cases, investigation playbooks, and response automations, with measurement and validation loops for coverage, precision, latency, tuning effectiveness, safe rollout, and attack-simulation-based validation.
- Transform security operations processes through practical use of AI, including designing agents and AI-native workflows for triage, enrichment, investigation, and response.
- Drive Python-based tooling, CI/CD practices, and pragmatic use of AI to improve the speed, quality, and reliability of Security Detection & Response workflows.
Team Leadership & Cross-Functional Collaboration
- Build, lead, and retain a high-performing remote Security Detection & Response team with clear expectations, strong onboarding, documentation, and knowledge-sharing practices.
- Coach engineers to grow in technical depth, operational ownership, and leadership capability while partnering closely with Engineering, IT, Fraud, Legal, People, Support, and Product on incidents, investigations, and security improvements.
- Work closely with Engineering and Infrastructure on telemetry quality, data pipelines, and operational readiness, and communicate security risk, incident impact, and remediation plans clearly to technical and non-technical stakeholders.
- Define and review strategy-aligned metrics and reporting that measure Security Detection & Response effectiveness, highlight trends and gaps, and inform priorities and stakeholder decisions.
Required Skills & Experience
- 5+ years of experience in Security Detection & Response, Security Engineering, or Incident Response.
- 2+ years of people management experience, including hiring, coaching, and performance management, ideally in a remote-first environment.
- Strong hands-on experience with modern SIEM platforms, security observability, detection engineering, log analysis, and complex security investigations; experience with Panther is highly valued.
- Strong proficiency in Python for automation, analysis, and internal tooling, with the ability to remain technically credible with engineers.
- Experience with automation, Git-based workflows, CI/CD practices, threat intelligence-informed detections, AI-assisted workflows, and building agents or AI-native workflows for security content, tooling, or response processes.
- Experience with cloud-native platforms, security telemetry, and SaaS environments; GCP experience preferred. Familiarity with toolsets similar to Apollo's, including Google Workspace, Okta, GitHub, Slack, Atlassian, Cloudflare, CrowdStrike, Kandji, Panther, and Snowflake-backed log pipelines, is strongly valued.
- Excellent written and verbal communication, leadership, and stakeholder management skills.
Preferred Qualifications
- Experience leading Detection Engineering, Security Engineering, or Security Detection & Response teams in a high-growth cloud or SaaS environment.
- Experience applying AI-assisted security tooling to detection, triage, investigation, or response in a production environment.
- Familiarity with MITRE ATT&CK, threat intelligence workflows, and vulnerability management programs, SLAs, and remediation processes.
- Relevant certifications such as CISSP, GCIA, GCIH, GCED, or cloud security certifications.
Roles similares
Mantén una lista de respaldo.
Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.
Flujo de contratación
WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.
1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.