Senior Manager of Cybersecurity Detection Engineering
Company: Cox Automotive
Location: Redan
Posted on: January 2, 2026
Job Description:
The Senior Manager of Cybersecurity Detection Engineering will lead a team of Detection Engineers in designing, implementing, and maintaining advanced detection capabilities to safeguard the organization against emerging cyber threats. This pivotal role will enhance Cox Automotive's next-generation Cyber Defense practice, enabling rapid threat response and automated remediation. The position will be responsible for developing the strategy for the Detection Engineering program and establishing metrics to demonstrate continuous improvement. The ideal candidate will possess expert-level, data-driven knowledge of SIEM implementation and log ingestion, SOAR, Incident Response, and Threat Intelligence, along with strong verbal and written communication and leadership skills.

Cybersecurity Detection Engineering:
- Define detection engineering strategy, roadmap, and objectives to achieve.
- Design and implement advanced threat detection techniques using tools such as SIEM, EDR, NDR, and SOAR platforms.
- Develop innovative custom detection rules, automated remediation, playbooks, and alerts tailored to the organization's threat landscape for enterprise and customer security.
- Leverage industry-standard MITRE frameworks to identify detection coverage and close gaps.
- Monitor, optimize, and continuously improve detection systems for performance, scalability, and effectiveness.
- Collaborate with the Threat Detection and Response team to continuously improve cybersecurity capabilities in identification, management, and response to threats in the most efficient and effective manner.
- Perform attack simulation testing to validate the efficacy of use cases, and purple teaming exercises in collaboration with the Vulnerability Management team.
- Manage and maintain SIEM/Data Lake data management and log ingestion infrastructure in collaboration with Cyber Defense Engineering.
- Evaluate, validate, tune, and, where necessary, sunset detection capabilities.
- Maintain operational guidelines, diagrams, and documentation for security detection and response.

Incident Response Support:
- Collaborate with the incident response team to ensure rapid detection and containment of cyber threats.
- Provide technical expertise and guidance to develop detection use cases during high-severity security incidents.
- Continuously improve detection and response processes based on lessons learned from incidents.
- Other duties may be assigned as needed to address new security threats facing the enterprise.
- Provide off-hour support as needed for security administration, detection, and response activities.

Threat Intelligence Integration:
- Leverage threat intelligence to enhance detection capabilities and proactively mitigate risks.
- Identify and analyze new and emerging threat vectors and incorporate them into detection strategies.

Stakeholder Collaboration:
- Partner with other Cybersecurity, Engineering, and Product teams to align detection strategies with organizational objectives.
- Communicate detection capabilities and findings to technical and non-technical stakeholders, including executive leadership.

Governance and Compliance:
- Ensure all detection processes and tools adhere to regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST).
- Establish and maintain documentation of detection strategies, processes, and configurations.

Professional Technology Skills (the professional technology skills you need to be able to do the job):
- Proven track record of building scalable organizations that have world-class threat detection capabilities.
- Technical proficiency performing security investigations at scale, including endpoint, cloud, identity, network, and email threats.
- Work with internal IT teams and external MSSPs on the creation and operationalization of Detection Engineering use cases for WAF, DDoS Protection, Email systems, DLP, AV, and Endpoint security technologies.
- Practical experience with Detection & Response tools for network, endpoints, cloud, and identity, as well as SOAR platforms.
- Apply security Threat Intelligence to identify new threat vectors.
- Lead projects to improve security monitoring and response capabilities.
- Demonstrate a strong security engineering and architecture background to best understand how to employ the most effective and efficient security monitoring.
- Strong fundamentals of Linux, macOS, and Windows operating system internals.
- Demonstrate effective communication of security issues to management and others.
- Maintain detection use case and SIEM configuration guidelines and standards for security.
- Proficiency creating and managing operational metrics that increase team efficiency and quality.
- Enthusiastic about managing and mentoring individuals pursuing careers in detection engineering.
- Ability to manage effective relationships with organizational leaders, build a roadmap, and drive broad initiatives to completion.
- Understanding of Machine Learning concepts as related to predictive analytics.

Knowledge, Experience & Qualifications

Essential:
- Bachelor's degree in Computer Science or equivalent and 8 years of industry-related professional experience. The right candidate could also have a different combination, such as a master's degree and 6 years' experience; a Ph.D. and 3 years' experience in a related field; or 20 years' experience in a related field.
- Multi-cloud security experience (AWS, Azure, GCP).
- Expert-level knowledge of Detection Engineering and Security Operations.
- 3 years of management or leadership experience with direct people management responsibilities.
- Strong experience with Information Security, Network Security, Security Monitoring, and Incident Response.
- Strong experience with developing SIEM/SOAR detection and automation use cases.
- Working experience with industry-standard security technologies and services such as Threat Intelligence, Firewalls, SASE, IPS, Endpoint Security, DLP, SIEM/SOAR, and Data Lakes.
- Expert-level knowledge of the attack kill chain and diamond model.
- 5 years' experience in an Incident Response or Security Operations role.
- 3 years' leadership experience in a SOC or equivalent role.
- Must live within a commutable distance of North Hills, NY or Atlanta, GA and be willing to come onsite 3x a week.
- Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship. No OPT, CPT, STEM/OPT, or visa sponsorship now or in the future.

Desirable:
- GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
- Development / DevOps / Engineering / Network / System Administration experience.

Compensation: USD 178,200.00 - 297,000.00
Compensation includes a base salary of $178,200.00 - $297,000.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. The position may be eligible for additional compensation that may include an incentive program.

Benefits:
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.