Cybersecurity Manager - Detection and Response

Microsoft Corporation

Location:
United Kingdom, Multiple Locations

Contract Type:
Not provided

Salary:
Not provided

Job Description:

Microsoft Incident Response – the Detection and Response Team (DART) – part of the Customer Experience & Success (CE&S) organization – is seeking a Cybersecurity Incident Response Manager to lead its global incident response team. DART is Microsoft’s elite cybersecurity task force, providing holistic incident response and investigation services to customers facing advanced cyber threats. In this role, you will manage and mentor a worldwide team of security engineers and responders, coordinate complex customer investigations, and drive the development of DART’s response capabilities in collaboration with other Microsoft security partners. You will operate in a fast-paced, dynamic environment, tackling sophisticated security incidents across cloud and on-premises environments every day.

Job Responsibility:

  • People Management: Responsible for mentoring, managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers
  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring
  • Strategic Initiatives: Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem
  • Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes
  • Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical capabilities
  • Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner
  • Present to a wide range and size of audiences from IT Pro, to CxO, to business decision makers
  • Technical leadership and executive presence to establish Trusted Technical Advisor to influence senior decision makers to mature and promote customer’s security posture across the overall technology landscape
  • Drive investigative teams to exhaust all investigative leads in the expectation of discovering novel attacker techniques
  • Investigate and research these techniques, and partner with threat intelligence and security engineering to drive security tooling and product enhancements
  • Synthesize threat data (telemetry) and evaluate the impact of current security trends, advisories, publications, and academic research, cascading learnings as necessary across partner teams and customers alike, and drive change in our approach to better combat these threats
  • Leverage input from Threat Intelligence team, including strategic, operational, and tactical intelligence to benefit containment and hardening of customer environments, while keeping knowledge and skills current with the rapidly changing threat landscape
  • Similarly, share threat data with threat intelligence and engineering teams and drive research of threat actors and threat activity
  • Interface closely with and influence security product owners
  • Drive the evolution of both proactive and reactive detection and investigation capabilities
  • Business Operations: Maintain a profitable business while developing a strategy for significant growth
  • Influence product direction through customer experience and feedback of product capabilities during crisis
  • Engage directly with customers as a member of the engagement team, providing leadership and oversight to ensure profitability, high customer satisfaction, and operational excellence
  • Ensure delivery alignment with sales, and prioritize capacity and readiness planning against demand
  • Serve as liaison between technical response and the business to minimize the impact of an incident to the customer
  • Maintain business operations: Deliver against metrics, KPIs and other leading delivery operational and health indicators for our business unit
  • Responsible for technical and executive level reports on incident response issues
  • Design, document, and implement detection and incident response processes, procedures, guidelines, and solutions
  • This involves operating and continually improving existing DART processes, as well as developing new processes in response to evolving threats and business requirements
  • Ability to apply entrepreneurial and innovative mindset and attitude to adapt to the speed and agility needed for evolving business demands
  • Excellent time management, writing and communication skills
  • Participating in a follow-the-sun on-call rotation
  • Short-notice travel will likely be 40% or higher as is demanded by the needs of our customers and our business

Requirements:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years' experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection, OR equivalent experience
  • Many years of people management and/or informal/indirect team leadership experience
  • Strong analytic, qualitative, and quantitative reasoning skills
  • Track record of successfully managing a technical business group and maintaining consistent growth
  • Recognized as a strategic leader who can hire, retain and motivate diverse quality talent
  • Experience leading both a services organization and product development function
  • Develop business strategy and provide technical thought leadership
  • Manage customer engagement escalations to ensure customer satisfaction
  • Advanced technical degree or equivalent experience
  • Expert understanding of security technology and implementation principles with a focus on the cyber threat landscape
  • Strong oral and written communication, organization and interpersonal skills
  • Knowledge of the legal and regulatory landscape related to security and privacy in an international environment
  • Executive presence, ability to influence senior IT and Global Risk leaders, CISO, CTO, CIOs
  • Experience leading a global cross-functional team
  • Experience with the following: opportunity identification, customer advocacy, conflict resolution, competitor intelligence, challenger mindset, business acumen and analysis, executive presence, strategic technical planning, technology industry knowledge, trusted technical advisor

Nice to have:

  • Related work experience with some of the following is a distinct advantage: Demonstrated history of leading teams of Security threat hunting analysts, engineers and consultants to successfully investigate cases of advanced targeted exploitation or similar interactive hacking cases
  • Proven experience in helping enterprises manage vulnerabilities, measure security and ensure compliance
  • Recognized as a subject matter expert in various security disciplines with a deep understanding of real-world APT tools, tactics, and procedures
  • Cloud SaaS and PaaS experience and an understanding of investigations in those environments and leveraging cloud for investigation scale
  • Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques
  • International consulting experience is a plus
  • Eligibility for a government security clearance is a plus

Additional Information:

Job Posted:
March 19, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Similar Jobs for Cybersecurity Manager - Detection and Response

Senior Product Manager - Incident Response

At Corelight, we believe that the best approach to cybersecurity risk starts wit...
Location: United States
Salary: 182000.00 - 219000.00 USD / Year
Corelight (https://corelight.com/)
Expiration Date: Until further notice
Requirements:
  • 5+ years of experience in cybersecurity, with a strong focus on enterprise security workflows, policy management, or asset intelligence
  • 3+ years in product management or a similar role, driving roadmap and feature execution
  • Experience with security operations (SOC), including detection tuning, policy frameworks, and compliance needs
  • Strong understanding of network security monitoring, intrusion detection, and enterprise security architecture
  • Familiarity with CMDB, CAASM, or asset intelligence tools and their role in security operations
  • Strong knowledge of SOC workflows and security event triage processes
  • Experience working with enterprise IT/security leaders (CISO, SOC Managers, Compliance Teams) to align security policies with operational needs
  • Ability to work cross-functionally with engineering, UX, and customers to deliver scalable solutions
Job Responsibility:
  • Own the policy and asset database roadmap within the Investigator platform, ensuring device groups and policy assignment work seamlessly together
  • Develop tuning mechanisms that make granular tuning of policy quick and easy
  • Develop custom prioritization engines with great defaults but a focus on putting the power in the customer’s hands
  • Build out powerful CMDB/CAASM-like asset management capabilities to improve everything from policy assignment to triage context
  • Work with SOC teams and CISOs to validate policy workflows and ensure the platform meets oversight and compliance needs
  • Collaborate with sales and customers to prioritize features that have the biggest impact on security operations
  • Write detailed product requirements, ensuring engineering has a clear understanding of expectations
  • Work closely with team members to ensure policy workflows support effective detection and investigation processes
  • Drive executive reporting to support SOC leadership in tracking detection effectiveness
What we offer:
  • Equity
  • Additional benefits
  • Fulltime

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location: Ireland, Galway
Salary: Not provided
Hewlett Packard Enterprise (https://www.hpe.com/)
Expiration Date: Until further notice
Requirements:
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • advanced Cyber and IT security knowledge
  • advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • advanced understanding of SQL and relevant scripting languages
  • advanced data security system analysis skills
  • advanced risk assessment and management skills
Job Responsibility:
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • analyze associated logs and respond to high severity incidents
  • suggest automation opportunities to enhance IR
  • mentor and provide technical guidance to less experienced cybersecurity professionals
  • stay at the forefront of cybersecurity trends, threats, and technologies
  • foster a culture of continuous improvement and innovation
  • encourage the adoption of new technologies and methodologies
  • provide insight and guidance through after action reviews working with stakeholders.
What we offer:
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • programs for professional and personal career development
  • unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime

Senior Product Manager – Threat Detection

As a Product Manager – Threat Detection, you will be responsible for driving the...
Location: United States
Salary: 182000.00 - 219000.00 USD / Year
Corelight (https://corelight.com/)
Expiration Date: Until further notice
Requirements:
  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience
Job Responsibility:
  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
What we offer:
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base
  • Fulltime

OT Cybersecurity Manager

Safeguard the integrity and resilience of energy infrastructure by leading the d...
Location: Greece, Athens
Salary: Not provided
Metlen Group (https://www.metlengroup.com)
Expiration Date: Until further notice
Requirements:
  • Bachelor's or Master's degree in Cybersecurity, Electrical Engineering, or related field
  • 5+ years of experience in OT/ICS cybersecurity, preferably in the energy or industrial sector
  • Strong knowledge of OT protocols (e.g., Modbus, DNP3), network segmentation, and industrial control systems
  • Hands-on experience with firewalls, SIEM, IDS/IPS, and endpoint protection in OT environments
  • Excellent problem-solving, communication, and stakeholder engagement skills
Job Responsibility:
  • Design, implement, and maintain OT security controls and architectures across energy infrastructure
  • Collaborate with engineering and IT teams to ensure secure integration of OT systems
  • Conduct risk assessments, vulnerability analyses, and incident response planning for OT environments
  • Monitor and analyze OT network traffic and logs to detect and respond to threats
  • Ensure compliance with industry standards and regulatory requirements (e.g., NIS2, IEC 62443)
  • Lead end-to-end planning and execution of OT security initiatives
  • Drive change initiatives to support adoption of new systems, processes, and behaviors
  • Coordinate stakeholder engagement across domains and senior leadership
  • Identify and mitigate risks, dependencies, and blockers
  • Monitor initiative performance and incorporate lessons learned
What we offer:
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime

Information Security Manager

The Information Security Manager for the KSA Business Unit will be responsible f...
Location: Saudi Arabia, Khobar
Salary: Not provided
Allianz (https://www.allianz.com)
Expiration Date: Until further notice
Requirements:
  • Bachelor's degree in Information Security, Computer Science, or a related field
  • Professional certifications such as CISSP, CISM, CISA, or equivalent are highly preferred
  • Minimum of 7 years of experience in information security, with at least 3 years in a managerial role
  • Strong knowledge of KSA cybersecurity regulations, including NCA and SAMA frameworks
  • Experience in implementing and managing security controls, risk assessments, and incident response
  • Familiarity with international security standards (ISO 27001, NIST, etc.)
  • Excellent leadership, communication, and stakeholder management skills
  • Ability to work effectively in a regional and multicultural environment
Job Responsibility:
  • Work closely with the Compliance function to ensure compliance with KSA cybersecurity regulations
  • Ensure adherence to and enforcement of Nextcare’s security policies and guidelines across the KSA business unit
  • Identify, assess, and mitigate security risks, ensuring appropriate controls are in place to protect sensitive information and IT infrastructure
  • Lead security incident response efforts, including investigation, containment, and reporting to relevant authorities
  • Promote cybersecurity awareness across the business unit and conduct training programs for employees
  • Assess and monitor security risks associated with vendors, partners, and third-party service providers
  • Act as the key liaison between the KSA business unit and the regional security team, providing reports on security posture, incidents, and compliance status
  • Oversee security operations, ensuring continuous monitoring, threat detection, and vulnerability management
  • Implement and manage security controls, including Antivirus & Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Proxy Solutions, Email Security, and other controls
  • Stay updated on the latest cybersecurity threats, trends, and industry best practices to strengthen the organization's security posture
  • Fulltime

Information Security Manager

Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Executi...
Location: India, Mumbai
Salary: Not provided
Cogoport (https://cogoport.com/)
Expiration Date: Until further notice
Requirements:
  • 7+ years of experience in cybersecurity, risk management, and information security leadership
  • Bachelor's/master’s degree in computer science, Information Security, or a related field
  • Certifications: CISSP, CISM, CEH, or equivalent cybersecurity certifications (preferred)
  • Expertise in risk assessment, penetration testing, and vulnerability management
  • Hands-on experience with security tools such as SIEM (Splunk, IBM QRadar), endpoint protection, and cloud security solutions
  • Strong knowledge of zero-trust security models, identity and access management (IAM), and security operations (SOC)
  • Ability to effectively communicate security risks and strategies to both technical and non-technical stakeholders
Job Responsibility:
  • Develop and implement a comprehensive cybersecurity strategy aligned with Cogoport’s business objectives
  • Collaborate with senior leadership as the primary authority for all security-related matters
  • Oversee security governance and continuous security improvements across all business units
  • Identify, assess, and mitigate cybersecurity risks across applications, cloud infrastructure, and corporate systems
  • Conduct periodic security audits, risk assessments, and penetration testing to proactively address vulnerabilities
  • Ensure compliance with ISO 27001, GDPR, SOC 2, NIST, and other industry security frameworks
  • Develop, document, and maintain an incident response plan to manage and mitigate security breaches
  • Oversee the implementation and management of security technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection
  • Monitor network traffic for anomalies and cyber threats, taking immediate action against security incidents
  • Lead incident detection, investigation, and response processes while minimizing business impact
  • Fulltime

Cybersecurity Engineer

The Cybersecurity Engineer will focus on crafting comprehensive cybersecurity po...
Location: United States of America, Highland
Salary: 96000.00 - 113000.00 USD / Year
Basler Electric (basler.com)
Expiration Date: Until further notice
Requirements:
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • Minimum 5 years of experience in a related field
  • Professional security certifications such as CISSP and Security+ are highly desirable
  • Proven experience in developing and implementing cybersecurity policies
  • Familiarity with NIST 800-171 and other relevant security guidelines and frameworks
  • Strong knowledge of malware analysis and incident response procedures
  • Proficiency in managing patching software and understanding of patch management best practices
  • Familiarity with Microsoft Active Directory, Windows Servers, and SCCM
  • Ability to support end users at a Tier 1 level
  • Familiarity with troubleshooting Microsoft Office products
Job Responsibility:
  • Work with Director of IT and Systems Administrator to develop, implement, and maintain cybersecurity policies and procedures
  • Respond to cybersecurity questionnaires from clients, partners, and regulatory bodies
  • Investigate and respond to malware events, including detection, analysis, and remediation
  • Manage and oversee patching software to ensure systems and applications are up-to-date with the latest security patches
  • Maintain the OS patch schedule and third-party software updates, including testing and deployment
  • Monitor and manage MDR (Managed Detection and Response) and investigate antivirus/malware events
  • Manage various security software applications for the entire organization
  • Collaborate with IT teams to address vulnerabilities and enhance overall security posture
  • Ensure conformity of servers with other information systems that follow system hardening best practices
  • Conduct regular security audits and assessments to ensure compliance with established policies and standards
What we offer:
  • Medical
  • Prescription
  • Dental
  • Vision
  • Life
  • AD&D insurance
  • 401k plan
  • paid leaves for Vacation
  • Holiday
  • Sick

Global Detection and Response Lead

We are seeking a Global Detection and Response Lead to own and scale OpenAI’s cy...
Location: United States, San Francisco
Salary: 347000.00 - 490000.00 USD / Year
OpenAI (openai.com)
Expiration Date: Until further notice
Requirements:
  • 10+ years in cybersecurity with deep expertise in detection engineering, incident response, and security operations
  • Active U.S. Government security clearance (Top Secret) or willingness and eligibility to obtain one
  • Mission-oriented, have unimpeachable integrity, and are passionate and motivated to detect and respond to adversaries in a highly complex, fast-paced environment
  • Deep experience building and leading detection and response, instrumentation/observability, and threat intelligence teams across a global footprint, including airgapped and sovereign environments
  • Stellar leadership skills, and a demonstrated history of driving durable, and continuous improvements to programs, processes, and people
  • Exceptional written and verbal communication skills, can remain calm under pressure, and can effectively run command of security incidents involving numerous stakeholders across a diverse gamut of teams, expertise, and seniority
  • Deep expertise in modern observability stacks (e.g., SIEM, data lakes, EDR, cloud telemetry, logging) and detection primitives
  • Understand modern adversary tradecraft (TTPs) and have demonstrated experience and expertise translating it into practical detection strategies and response actions
Job Responsibility:
  • Oversee global detection and response operations, including continuous monitoring, triage, investigation, containment, and remediation of security events across a diverse set of networks and infrastructure
  • Lead, mentor, and directly manage several small teams of senior engineers across observability, detection and response, and threat intelligence
  • Hire and scale these functions deliberately and proportionately as OpenAI’s compute footprint and platform ambitions grow
  • Ensure world-class operational rigor and readiness through management of incident playbooks, on-call and escalation paths, tabletop exercises, and continuous improvement of response quality and speed
  • Improve detection quality and coverage by partnering with engineering teams to ensure critical telemetry is available, reliable, and actionable across cloud, corporate, and production environments
  • Deeply partner across all of OpenAI to evaluate and respond to emergent security concerns in a frontier AI lab environment, such as detection and response strategies for agents operating across infrastructure at scale
  • Build a world-class security program capable of withstanding tier-1 adversaries by maximally embracing our own models to solve frontier security problems
What we offer:
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime