CrawlJobs Logo

Senior Product Manager – Threat Detection

https://corelight.com/ Logo

Corelight

Location Icon

Location:
United States

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

182000.00 - 219000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

As a Product Manager – Threat Detection, you will be responsible for driving the development of Corelight’s Network Detection and Response (NDR) capabilities. You will work closely with security researchers, engineers, and open-source contributors to ensure Corelight’s solutions remain at the forefront of network-based threat detection. Your role will focus on enhancing threat detection capabilities across Corelight’s platform, integrating emerging threat intelligence, and defining the product roadmap to keep security teams ahead of adversaries. Zeek will be one important component of your strategy, but your impact will extend across the broader Corelight security ecosystem

Job Responsibility:

  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
  • Refine and utilize threat intelligence sources to improve detection capabilities and stay ahead of emerging threats
  • Build and maintain relationships with threat intelligence providers, security researchers, and industry peers to enhance Corelight’s ability to detect and respond to adversaries

Requirements:

  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience

Nice to have:

  • 1+ years experience as a Product Owner/Product Manager in an Agile/Scrum environment
  • Background in threat hunting or threat intelligence is a plus
  • Background in behavioral detection models, network anomaly detection, or AI/ML-based security analytics is a plus
  • Experience working with security operations teams (SOC), threat hunters, or forensic analysts to understand their needs
  • Active security clearance is a plus
What we offer:
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base

Additional Information:

Job Posted:
March 24, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Corelight - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Product Manager – Threat Detection

Senior Product Manager – Security Data Integrations and Management

We are seeking a skilled, experienced Sales Engineering Director to manage a div...
Location
Location
United States
Salary
Salary:
182000.00 - 219000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years of Product Management experience in security, observability, or data pipeline technologies
  • Strong knowledge of SIEMs, log analytics, and security data platforms (such as Splunk, Elastic, CrowdStrike)
  • Experience w/ Zeek, Suricata, and/or YARA is a plus
  • Experience with log routing and transformation, including tools such as vector.dev, Cribl, logstash, and Fluentd
  • Knowledge of network security, threat detection, compliance logging, and SIEM ingestion requirements
  • Ability to collaborate with engineering teams, security professionals, and customers to drive impactful solutions
Job Responsibility
Job Responsibility
  • Drive product planning, requirements gathering, and prioritization for the overall sensor management solution including device management and SIEM integrations while balancing customer needs with technical feasibility
  • Define and track key metrics to measure the success of SIEM integrations and drive data-informed decisions
  • Collaborate with engineering to ensure robust data manipulation capabilities for log enrichment, filtering, and transformation
  • Work with customers to understand pain points in security device management, log management, compliance, and security data pipelines
  • Ensure seamless integration with structured formats like JSON, and mappings to common schemas such as CIM, ECS, and OCSF
  • Partner with security and DevOps teams to align with SIEM ingestion best practices, detection rules, and compliance frameworks
What we offer
What we offer
  • Equity and additional benefits will also be awarded
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location
Location
Canada , Vancouver; Calgary; Toronto
Salary
Salary:
146200.00 - 197800.00 CAD / Year
clio.com Logo
Clio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States , Atlanta
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States , Sunnyvale
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more
  • Fulltime
Read More
Arrow Right

Senior Engineer, Detection R&D

This role is responsible for enhancing detection coverage and methodology throug...
Location
Location
United States , Bethesda
Salary
Salary:
100400.00 - 166800.00 USD / Year
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
February 04, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • or equivalent experience and certifications
  • 6+ years of combined experience in detection engineering, red/purple teaming, security analytics, vulnerability management or cyber threat detection roles
  • 3+ years working with Splunk SIEM (Enterprise Security), CrowdStrike NG-SIEM, or developing UEBA/behavior-based threat detections
  • Hands-on experience with EDR tools such as CrowdStrike Falcon, MS Defender, Sentinel One, etc., and pen testing/vulnerability assessments
  • Proven ability to develop advanced detection content including correlation rules, behavioral analytics, and threat hunting queries
Job Responsibility
Job Responsibility
  • Provide mentorship for junior engineers and Detection Engineering resources
  • Conduct cyber threat detection methodology research aligned with cyber threat detection coverage gaps, threat modeling, and threat intelligence
  • Partner with CTI Team, Detection Engineering, Security Engineering and Security Architecture to develop behavior-based detections leveraging AI/ML and other methods
  • Develop prototype correlation searches, dashboards, reports and alerts within the SIEM, UEBA and Security Data Lake platforms
  • Share detection approaches, recommendations, developed analytics, and other products of detection research with CTI Teams, Detection Engineering and other teams as appropriate to inform detection development
  • Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies
  • Document and share detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies
  • Collaborate with CTI Team, Detection Engineering, Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • Attend SCRUM and prioritization meetings to review and update deliverables
What we offer
What we offer
  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • medical coverage
  • dental coverage
  • vision coverage
  • health care flexible spending account
  • Fulltime
Read More
Arrow Right

Protective Intelligence Analyst

The Protective Intelligence Analyst is responsible for supporting the executive ...
Location
Location
United States , Austin
Salary
Salary:
95000.00 USD / Year
aus.com Logo
Allied Universal®
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 years of recent protective intelligence experience supporting executive protection teams and principals, or 5+ years of equivalent military, law enforcement, or intelligence experience.
  • Bachelor’s degree in Intelligence Studies, International Relations, Homeland Security, or related field (or equivalent operational experience).
  • Formal Intelligence Training certification (Military, Government, Association, or Private Sector) required.
  • Advanced training in threat assessment, travel risk management, or protective intelligence preferred.
  • Skilled in open-source (OSINT) and social media research, threat monitoring, and incident verification.
  • Experience producing protective intelligence products—threat assessments, travel risk reports, route/residence assessments, and pre-travel advisories.
  • Ability to collect, vet, and analyze information using the intelligence cycle to create accurate, actionable, bias-mitigated reporting.
  • Strong understanding of global security, geopolitical risks, terrorism, crime, and crisis response as they relate to executive travel and operations.
  • Proven ability to support EP operations in real time, providing clear, concise, and timely threat updates to decision-makers.
  • Proficiency in Microsoft Office Suite and familiarity with protective intelligence platforms (e.g., Factal, Dataminr, Babel Street, LifeRaft, Echosec).
Job Responsibility
Job Responsibility
  • Threat Monitoring & Early Warning: Continuously monitor open sources, social media platforms, dark web, and client-specific intelligence tools for threats or hostile surveillance activity directed at principals, their families, residences, travel plans, or affiliated events.
  • Protective Research & Threat Analysis: Conduct in-depth research and analysis on persons of interest (POIs), hostile actors, and groups with the intent or capability to target principals. Assess motivations, capability, opportunity, and intent to identify potential attack indicators.
  • Travel Risk Intelligence: Provide proactive intelligence support to executive protection teams during domestic and international travel, including country risk assessments, route reconnaissance, hotel and venue security reviews, and incident monitoring during trips. Deliver timely updates to traveling principals and EP teams.
  • Protective Operations Support: Deliver actionable, real-time intelligence to EP teams in support of principal movements, protective advances, route planning, and residence/event security. Maintain constant threat environment awareness and communicate relevant changes.
  • Geopolitical & Environmental Risk Tracking: Monitor global and regional security issues, including terrorism, political unrest, crime trends, natural disasters, and health risks—that could affect principals’ safety during travel or at residences/events.
  • Actionable Reporting & Products: Produce timely, clear, and actionable intelligence products including: Threat assessments (strategic and tactical), Travel risk assessments (pre-trip and in-trip updates), Situation reports (SITREPs) and incident summaries, Route and location assessments (residences, hotels, venues, offices)
  • Threat Mitigation Recommendations: Provide practical, proportionate recommendations to EP teams on how to mitigate identified threats, risks, and vulnerabilities. Offer clear triggers and indicators for escalation or operational adjustments.
  • Database & Knowledge Management: Maintain a structured, cross-referenced database of threats, POIs, incidents, and lessons learned to support future operations and ensure continuity of protective intelligence programs.
  • Confidentiality & Security: Safeguard sensitive client information, personal identifiers, and operational details at all times, adhering to strict confidentiality and need-to-know principles.
  • Operational Integration: Serve as the intelligence liaison to executive protection, event security, and corporate security teams, ensuring protective intelligence is integrated into all protective operations.
What we offer
What we offer
  • Employee Assistance Program
  • Employee Discount Program
  • Tuition Discount Program
  • Training & Career Development Programs
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy