Vice President - Threat Detection Engineer

Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.

As a Vice President - Threat Detection Engineer you will contribute deep expertise in adversary behavior, strong security engineering and data analysis skills, and the ability to convert threat intelligence into effective detection. You will regularly collaborate with cross-functional teams to develop a coordinated approach to security, ensuring the integrity, confidentiality, and availability of sensitive data and systems. You will apply advanced analytical, technical, and problem-solving skills to enable operational excellence and implement innovative solutions to address complex security challenges. By staying current with industry best practices, policies, and procedures, you will contribute to maintaining a secure digital environment and driving continuous improvement in the firm.

• Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats
• Design, implement, and continuously refine advanced threat detection rules, logic, and models in SIEM, EDR, and cloud-native platforms (e.g., Splunk, Sentinel, CrowdStrike, AWS/Azure/GCP).
• Utilize detection-as-code- pipelines and SRE principles to build and maintain detections with appropriate versioning, QA, and testing workflows.
• Perform threat model review, architecture reviews and detection gap assessments.
• Operationalize MITRE ATT&CK mappings, threat intel insights, and adversary simulations results to develop precise detection logic.
• Proactively monitor and analyze complex data and systems to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response
• Collaborate with cross-functional teams to ensure a coordinated approach to security, sharing insights, and promoting best practices across the organization
• Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.

• Obtain 5+ years of experience in cybersecurity operations, with a focus on threat detection, incident response, and security infrastructure management, or SOC operations.
• Demonstrated expertise in multiple security domains, including network security, malware analysis, threat hunting, and security architecture and design, with proficiency in using Security Information and Event Management (SIEM) tools and advanced analytics techniques
• Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-premises, cloud, or hybrid environments

• Experience with detection-as-code methodologies and tools (e.g., Git-based pipelines, CI/CD for security content).
• Background in cloud security (AWS/GCP/Azure), particularly around detection and log correlation in IaaS and SaaS environments.
• Familiarity with SOAR platforms, and anomaly-based detection techniques.
• Experience leveraging Large Language Models (LLMs) for security use cases such as log parsing, alert triage, threat narrative generation, or threat intelligence summarization.
• Experience in integrating LLMs into detection workflows to enhance context enrichment, rule generation, or automated investigation support.