Apollo
Engineering Manager, Security Detection & Response
Vaga remota de Security Detection & Response com fit claro de localização do candidato.
Publicada14 de jul. de 2026
Países elegíveis1 país aceito
Sinal de senioridadeLead
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Estados Unidos
Resumo da vaga
Engineering Manager, Security Detection & Response
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Security Incident Leadership & Response
- Own and continuously improve end-to-end detection, investigation, response, post-incident review, and threat intelligence-informed improvement processes, including AI-assisted triage and investigation workflows.
- Lead complex and high-severity incidents with clear decision-making, effective stakeholder communication, and accountable follow-through on remediation.
- Stay technically engaged in investigations across cloud infrastructure, SaaS platforms, corporate systems, user behavior, and abuse scenarios, and translate incident learnings, platform changes, and threat trends into Security Detection & Response priorities.
Security Observability, Detection Engineering, Automation & AI
- Define and evolve security observability and detection strategy, including telemetry onboarding, signal quality, threat intelligence inputs, alert tuning, and coverage validation.
- Oversee Panther detections, MITRE ATT&CK-aligned use cases, investigation playbooks, and response automations, with measurement and validation loops for coverage, precision, latency, tuning effectiveness, safe rollout, and attack-simulation-based validation.
- Transform security operations processes through practical use of AI, including designing agents and AI-native workflows for triage, enrichment, investigation, and response.
- Drive Python-based tooling, CI/CD practices, and pragmatic use of AI to improve the speed, quality, and reliability of Security Detection & Response workflows.
Team Leadership & Cross-Functional Collaboration
- Build, lead, and retain a high-performing remote Security Detection & Response team with clear expectations, strong onboarding, documentation, and knowledge-sharing practices.
- Coach engineers to grow in technical depth, operational ownership, and leadership capability while partnering closely with Engineering, IT, Fraud, Legal, People, Support, and Product on incidents, investigations, and security improvements.
- Work closely with Engineering and Infrastructure on telemetry quality, data pipelines, and operational readiness, and communicate security risk, incident impact, and remediation plans clearly to technical and non-technical stakeholders.
- Define and review strategy-aligned metrics and reporting that measure Security Detection & Response effectiveness, highlight trends and gaps, and inform priorities and stakeholder decisions.
Required Skills & Experience
- 5+ years of experience in Security Detection & Response, Security Engineering, or Incident Response.
- 2+ years of people management experience, including hiring, coaching, and performance management, ideally in a remote-first environment.
- Strong hands-on experience with modern SIEM platforms, security observability, detection engineering, log analysis, and complex security investigations; experience with Panther is highly valued.
- Strong proficiency in Python for automation, analysis, and internal tooling, with the ability to remain technically credible with engineers.
- Experience with automation, Git-based workflows, CI/CD practices, threat intelligence-informed detections, AI-assisted workflows, and building agents or AI-native workflows for security content, tooling, or response processes.
- Experience with cloud-native platforms, security telemetry, and SaaS environments; GCP experience preferred. Familiarity with toolsets similar to Apollo's, including Google Workspace, Okta, GitHub, Slack, Atlassian, Cloudflare, CrowdStrike, Kandji, Panther, and Snowflake-backed log pipelines, is strongly valued.
- Excellent written and verbal communication, leadership, and stakeholder management skills.
Preferred Qualifications
- Experience leading Detection Engineering, Security Engineering, or Security Detection & Response teams in a high-growth cloud or SaaS environment.
- Experience applying AI-assisted security tooling to detection, triage, investigation, or response in a production environment.
- Familiarity with MITRE ATT&CK, threat intelligence workflows, and vulnerability management programs, SLAs, and remediation processes.
- Relevant certifications such as CISSP, GCIA, GCIH, GCED, or cloud security certifications.
Vagas similares
Mantenha uma lista reserva.
Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.