Senior Product Manager – Threat Detection

Corelight

Location:
United States

Contract Type:
Employment contract

Salary:

182000.00 - 219000.00 USD / Year

Job Description:

As a Product Manager – Threat Detection, you will be responsible for driving the development of Corelight’s Network Detection and Response (NDR) capabilities. You will work closely with security researchers, engineers, and open-source contributors to ensure Corelight’s solutions remain at the forefront of network-based threat detection. Your role will focus on enhancing threat detection capabilities across Corelight’s platform, integrating emerging threat intelligence, and defining the product roadmap to keep security teams ahead of adversaries. Zeek will be one important component of your strategy, but your impact will extend across the broader Corelight security ecosystem.

Job Responsibility:

  • Develop and maintain a cutting-edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
  • Refine and utilize threat intelligence sources to improve detection capabilities and stay ahead of emerging threats
  • Build and maintain relationships with threat intelligence providers, security researchers, and industry peers to enhance Corelight’s ability to detect and respond to adversaries

Requirements:

  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience

Nice to have:

  • 1+ years experience as a Product Owner/Product Manager in an Agile/Scrum environment
  • Background in threat hunting or threat intelligence is a plus
  • Background in behavioral detection models, network anomaly detection, or AI/ML-based security analytics is a plus
  • Experience working with security operations teams (SOC), threat hunters, or forensic analysts to understand their needs
  • Active security clearance is a plus

What we offer:

  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base

Additional Information:

Job Posted:
March 24, 2025

Employment Type:
Fulltime

Work Type:
On-site work