Senior Manager of Cybersecurity Detection Engineering
Company: Cox Automotive
Location: Marietta
Posted on: July 15, 2025
Job Description:
The Senior Manager of Cybersecurity Detection Engineering will lead a team of Detection Engineers in designing, implementing, and maintaining advanced detection capabilities to safeguard the organization against emerging cyber threats. This pivotal role will enhance Cox Automotive's next-generation Cyber Defense practice, enabling rapid threat response and automated remediation. The position will be responsible for developing the strategy for the Detection Engineering program and establishing metrics to demonstrate continuous improvement. The ideal candidate will possess expert-level knowledge of SIEM implementation and log ingestion, SOAR, Incident Response, and Threat Intelligence, will be data-driven, and will have strong verbal and written communication and leadership skills.

Cybersecurity Detection Engineering:
- Define the detection engineering strategy, roadmap, and objectives.
- Design and implement advanced threat detection techniques using tools such as SIEM, EDR, NDR, and SOAR platforms.
- Develop innovative custom detection rules, automated remediation, playbooks, and alerts tailored to the organization's threat landscape for enterprise and customer security.
- Leverage industry-standard MITRE frameworks to identify detection coverage and close gaps.
- Monitor, optimize, and continuously improve detection systems for performance, scalability, and effectiveness.
- Collaborate with the Threat Detection and Response team to continuously improve cybersecurity capabilities in the identification, management, and response to threats in the most efficient and effective manner.
- Perform attack simulation testing to validate the efficacy of use cases, and conduct purple teaming exercises in collaboration with the Vulnerability Mgmt team.
- Manage and maintain the SIEM/Data Lake data management and log ingestion infrastructure in collaboration with Cyber Defense Engineering.
- Evaluate, validate, tune, and, where necessary, sunset detection capabilities.
- Maintain operational guidelines, diagrams, and documentation for security detection and response.

Incident Response Support:
- Collaborate with the incident response team to ensure rapid detection and containment of cyber threats.
- Provide technical expertise and guidance to develop detection use cases during high-severity security incidents.
- Continuously improve detection and response processes based on lessons learned from incidents.
- Other duties may be assigned as needed to address new security threats facing the enterprise.
- Provide off-hour support as needed for security administration, detection, and response activities.

Threat Intelligence Integration:
- Leverage threat intelligence to enhance detection capabilities and proactively mitigate risks.
- Identify and analyze new and emerging threat vectors and incorporate them into detection strategies.

Stakeholder Collaboration:
- Partner with other Cybersecurity, Engineering, and Product teams to align detection strategies with organizational objectives.
- Communicate detection capabilities and findings to technical and non-technical stakeholders, including executive leadership.

Governance and Compliance:
- Ensure all detection processes and tools adhere to regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST).
- Establish and maintain documentation of detection strategies, processes, and configurations.

Professional Technology Skills (the professional technology skills you need to be able to do the job):
- Proven track record of building scalable organizations that have world-class threat detection capabilities.
- Technical proficiency performing security investigations at scale, including endpoint, cloud, identity, network, and email threats.
- Ability to work with internal IT teams and external MSSPs on the creation and operationalization of Detection Engineering use cases for WAF, DDoS Protection, Email systems, DLP, AV, and Endpoint security technologies.
- Practical experience with Detection & Response tools for network, endpoints, cloud, and identity, as well as SOAR platforms.
- Ability to apply security Threat Intelligence to identify new threat vectors.
- Ability to lead projects to improve security monitoring and response capabilities.
- A strong security engineering and architecture background, in order to best understand how to employ the most effective and efficient security monitoring.
- Strong fundamentals of Linux, macOS, and Windows operating system internals.
- Effective communication of security issues to management and others.
- Ability to maintain detection use case and SIEM configuration guidelines and standards for security.
- Proficiency creating and managing operational metrics that increase team efficiency and quality.
- Enthusiasm for managing and mentoring individuals pursuing careers in detection engineering.
- Ability to manage effective relationships with organizational leaders, build a roadmap, and drive broad initiatives to completion.
- Understanding of Machine Learning concepts as related to predictive analytics.

Knowledge, Experience & Qualifications

Essential:
- Bachelor's degree in Computer Science or equivalent and 8 years of industry-related professional experience. The right candidate could also have a different combination, such as a master's degree and 6 years' experience; a Ph.D. and 3 years' experience in a related field; or 20 years' experience in a related field.
- Multi-cloud security experience: AWS, Azure, GCP.
- Expert-level knowledge of Detection Engineering and Security Operations.
- 3 years of management or leadership experience with direct people management responsibilities.
- Strong experience with Information Security, Network Security, Security Monitoring, and Incident Response.
- Strong experience with developing SIEM/SOAR detection and automation use cases.
- Working experience with industry-standard security technologies and services such as Threat Intelligence, Firewalls, SASE, IPS, Endpoint Security, DLP, SIEM/SOAR, and Data Lakes.
- Expert-level knowledge of the attack kill chain and the diamond model.
- 5 years' experience in an Incident Response or Security Operations role.
- 3 years' leadership experience in a SOC or equivalent role.
- Must live within a commutable distance of North Hills NY or Atlanta GA and be willing to come onsite 3x a week.

Desirable:
- GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
- Development / DevOps / Engineering / Network / System Administration experience.

USD 173,900.00 - 289,800.00

Compensation: Compensation includes a base salary of $173,900.00 - $289,800.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. The position may be eligible for additional compensation that may include an incentive program.

Benefits: The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.