
Senior Product Manager – Threat Detection

United States · Employment contract · 182000.00 - 219000.00 USD / Year · Job Posted March 24, 2025

Job offer has expired


Job Description

As a Product Manager – Threat Detection, you will be responsible for driving the development of Corelight’s Network Detection and Response (NDR) capabilities. You will work closely with security researchers, engineers, and open-source contributors to ensure Corelight’s solutions remain at the forefront of network-based threat detection. Your role will focus on enhancing threat detection capabilities across Corelight’s platform, integrating emerging threat intelligence, and defining the product roadmap to keep security teams ahead of adversaries. Zeek will be one important component of your strategy, but your impact will extend across the broader Corelight security ecosystem.

Job Responsibility

  • Develop and maintain a cutting-edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
  • Refine and utilize threat intelligence sources to improve detection capabilities and stay ahead of emerging threats
  • Build and maintain relationships with threat intelligence providers, security researchers, and industry peers to enhance Corelight’s ability to detect and respond to adversaries

Requirements

  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience

Nice to have

  • 1+ years' experience as a Product Owner/Product Manager in an Agile/Scrum environment
  • Background in threat hunting or threat intelligence is a plus
  • Background in behavioral detection models, network anomaly detection, or AI/ML-based security analytics is a plus
  • Experience working with security operations teams (SOC), threat hunters, or forensic analysts to understand their needs
  • Active security clearance is a plus

What we offer

  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base


Similar Jobs for Senior Product Manager – Threat Detection (8 matching positions)

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location: Canada, Vancouver; Calgary; Toronto
Salary: 146200.00 - 197800.00 CAD / Year
Company: Clio
Expiration Date: Until further notice

Requirements

  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents

Job Responsibility

  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership

What we offer

  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years

Employment type: Fulltime

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: United States
Salary: 200000.00 - 215000.00 USD / Year
Company: JFrog
Expiration Date: Until further notice

Requirements

  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD), and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines

Job Responsibility

  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies

What we offer

  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more

Employment type: Fulltime

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: United States, Sunnyvale
Salary: 200000.00 - 215000.00 USD / Year
Company: JFrog
Expiration Date: Until further notice

Requirements

  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD), and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines

Job Responsibility

  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies

What we offer

  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more

Employment type: Fulltime

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: United States, Atlanta
Salary: 200000.00 - 215000.00 USD / Year
Company: JFrog
Expiration Date: Until further notice

Requirements

  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD), and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines

Job Responsibility

  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies

What we offer

  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness

Employment type: Fulltime

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location: United States, Multiple Locations
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience

Job Responsibility

  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns

Employment type: Fulltime

Principal Group Product Manager

In the age of AI, Microsoft Security empowers defenders with unified Microsoft S...
Location: United States, Redmond
Salary: 163000.00 - 296400.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements

  • Bachelor's Degree AND 10+ years experience in product/service/program management or software development OR equivalent experience
  • 3+ years people management experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role
  • These requirements include, but are not limited to, the following specialized security screening: Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • Bachelor's Degree AND 15+ years experience in product/service/program management or software development OR equivalent experience
  • 5+ years people management experience
  • 7+ years of experience delivering and scaling enterprise products or managed cloud security services as a Product Manager or Product Leader
  • Demonstrated success driving complex product initiatives from conception to launch in fast-paced environments
  • Proven ability to lead a team of Product Managers to innovate, execute, and ship solutions that meet customer needs
  • Proven ability to drive alignment across multiple teams and partner effectively with diverse stakeholders, including Engineering, Sales, Marketing, and Business Development across Microsoft to achieve business goals

Job Responsibility

  • Customer Focus & Problem Solving: Engage deeply with internal and external customers to understand security operations’ tools and processes, identify unmet needs, and drive innovative integrations that deliver measurable customer value and delight
  • Product Strategy, Definition & Roadmap: Own the end‑to‑end product strategy and roadmap for MDR capabilities
  • Identify gaps and opportunities in the competitive landscape and translate them into actionable plans
  • Define and prioritize requirements, translating them into clear customer scenarios, backlog items, and success metrics (OKRs)
  • Technical & Security Excellence: Ensure solutions are grounded in strong technical and security fundamentals by partnering closely with engineering to drive automation and advanced AI (including Generative AI)
  • Apply deep SOC operations expertise and threat landscape awareness to deliver effective detection, response, and resilience capabilities
  • Data‑Driven Decision Making: Define, instrument, and track key performance indicators (KPIs) across the DEX service
  • Leverage analytics and telemetry to generate insights, guide prioritization, and drive continuous product and service improvements
  • Leadership & Team Development: Act as a senior leader in MDR product management by managing and mentoring a high‑performing team of Product Managers
  • Foster a culture of collaboration, innovation, and accountability while aligning priorities across Microsoft’s global security initiatives

Employment type: Fulltime

Protective Intelligence Analyst

The Protective Intelligence Analyst is responsible for supporting the executive ...
Location: United States, Austin
Salary: 95000.00 USD / Year
Company: Allied Universal®
Expiration Date: Until further notice

Requirements

  • A minimum of 3 years of recent protective intelligence experience supporting executive protection teams and principals, or 5+ years of equivalent military, law enforcement, or intelligence experience.
  • Bachelor’s degree in Intelligence Studies, International Relations, Homeland Security, or related field (or equivalent operational experience).
  • Formal Intelligence Training certification (Military, Government, Association, or Private Sector) required.
  • Advanced training in threat assessment, travel risk management, or protective intelligence preferred.
  • Skilled in open-source (OSINT) and social media research, threat monitoring, and incident verification.
  • Experience producing protective intelligence products—threat assessments, travel risk reports, route/residence assessments, and pre-travel advisories.
  • Ability to collect, vet, and analyze information using the intelligence cycle to create accurate, actionable, bias-mitigated reporting.
  • Strong understanding of global security, geopolitical risks, terrorism, crime, and crisis response as they relate to executive travel and operations.
  • Proven ability to support EP operations in real time, providing clear, concise, and timely threat updates to decision-makers.
  • Proficiency in Microsoft Office Suite and familiarity with protective intelligence platforms (e.g., Factal, Dataminr, Babel Street, LifeRaft, Echosec).

Job Responsibility

  • Threat Monitoring & Early Warning: Continuously monitor open sources, social media platforms, dark web, and client-specific intelligence tools for threats or hostile surveillance activity directed at principals, their families, residences, travel plans, or affiliated events.
  • Protective Research & Threat Analysis: Conduct in-depth research and analysis on persons of interest (POIs), hostile actors, and groups with the intent or capability to target principals. Assess motivations, capability, opportunity, and intent to identify potential attack indicators.
  • Travel Risk Intelligence: Provide proactive intelligence support to executive protection teams during domestic and international travel, including country risk assessments, route reconnaissance, hotel and venue security reviews, and incident monitoring during trips. Deliver timely updates to traveling principals and EP teams.
  • Protective Operations Support: Deliver actionable, real-time intelligence to EP teams in support of principal movements, protective advances, route planning, and residence/event security. Maintain constant threat environment awareness and communicate relevant changes.
  • Geopolitical & Environmental Risk Tracking: Monitor global and regional security issues, including terrorism, political unrest, crime trends, natural disasters, and health risks, that could affect principals’ safety during travel or at residences/events.
  • Actionable Reporting & Products: Produce timely, clear, and actionable intelligence products including: Threat assessments (strategic and tactical), Travel risk assessments (pre-trip and in-trip updates), Situation reports (SITREPs) and incident summaries, Route and location assessments (residences, hotels, venues, offices)
  • Threat Mitigation Recommendations: Provide practical, proportionate recommendations to EP teams on how to mitigate identified threats, risks, and vulnerabilities. Offer clear triggers and indicators for escalation or operational adjustments.
  • Database & Knowledge Management: Maintain a structured, cross-referenced database of threats, POIs, incidents, and lessons learned to support future operations and ensure continuity of protective intelligence programs.
  • Confidentiality & Security: Safeguard sensitive client information, personal identifiers, and operational details at all times, adhering to strict confidentiality and need-to-know principles.
  • Operational Integration: Serve as the intelligence liaison to executive protection, event security, and corporate security teams, ensuring protective intelligence is integrated into all protective operations.

What we offer

  • Employee Assistance Program
  • Employee Discount Program
  • Tuition Discount Program
  • Training & Career Development Programs

Employment type: Fulltime

Security Operations Engineer

The Security Operations Engineer will join the IAM Protect team within the CISO ...
Location: United States, Redmond
Salary: 100600.00 - 199000.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), OR operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, OR related field AND 2+ years’ experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role.
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Job Responsibility

  • Implement and enforce identity protection controls
  • Drive operational execution of IAM security policies (e.g., Conditional Access, MFA, token protection) to reduce lateral movement and credential compromise risks.
  • Collaborate on Secure Future Initiative (SFI) objectives
  • Partner with engineering and program teams to deliver SFI milestones such as phish-resistant MFA, token protection, conditional access policies, and legacy domain deprecation in productivity tenants.
  • Automate and optimize security workflows
  • In partnership with senior engineers and PMs, identify opportunities for automation and AI-native solutions to reduce manual touchpoints and improve efficiency in tenant governance and isolation processes.
  • Analyze telemetry and KPIs to drive risk reduction
  • Use data from S360 dashboards, Geneva logs, and other sources to track compliance, detect drift, and report progress against isolation and identity hardening goals.
  • Support tenant lifecycle security operations
  • Execute secure onboarding, baseline enforcement, and drift correction for auxiliary and ephemeral tenants

Employment type: Fulltime