Job Information
Intuit Group Manager, Threat Detection Engineering in San Diego, California
Overview
Build and lead a new detection engineering team. This is a technical leadership role that involves detection engineering, data engineering and analytics, attack path analysis, and security orchestration and automation (SOAR). This is a key role that will define and influence Intuit’s next-gen Security Operations Center (SOC) initiatives. You will own and implement the strategy of the detection engineering program as well as establish metrics that demonstrate continuous maturity towards target state objectives. The ideal candidate for the role should have a strong background in SIEM implementation and log ingestion and in incident response, strong interpersonal and leadership skills, and strong verbal and written communication skills, and should be highly analytical and data driven.
What you'll bring
Proven track record of building scalable organizations that have world class threat detection capabilities
Technical proficiency performing security investigations at scale; including endpoint, cloud, identity, network, and email threats
Practical experience with Detection & Response tools for network, endpoints, cloud, and identity as well as SOAR platforms
Hands-on experience with SIEM and Data Lake solutions (e.g., Splunk, Snowflake, S3)
Expertise with query languages (SQL, SPL, BigQuery)
Strong fundamentals of Linux, MacOS, and Windows operating system internals
Deep understanding of attacker techniques, tools and procedures
Understanding of cloud environments such as AWS, GCP, and/or Azure
Proficiency creating and managing operational metrics that increase team efficiency and quality
Experience with coding languages to build/automate (e.g., Python, Go)
Experience working with security frameworks like MITRE ATT&CK or Lockheed Martin’s Cyber Kill Chain; ability to track and discuss an attack through the cyber killchain
Ability to manage effective relationships with organizational leaders, build a roadmap, and drive broad initiatives to completion
Understanding of Machine Learning concepts as related to predictive analytics
Experience with forensic data capture, analysis, and preservation
Comprehensive understanding of the detection engineering field
Enthusiastic about managing and mentoring individuals pursuing careers in detection engineering.
Preferred Skills
Admin or Architect level knowledge of a SIEM (Splunk, Azure Sentinel, QRadar, etc.)
In-depth knowledge of security standard processes in large-scale environments
Ability to navigate hard conversations and disseminate information to team members.
Willingness and ability to accept responsibility and provide guidance to team members
Effective organizational and planning skills, with the ability to successfully guide projects through to completion
Experience with software development or security automation highly preferred
CISSP or CISM certification preferred
Hands-on experience with AWS Cloud (AWS Solutions Architect level of knowledge)
Required Education / Experience
BA/BS degree or higher in Computer Science, Cybersecurity or equivalent work experience
5+ years’ industry experience in Incident Response or Security Operations activities
3+ years leadership experience in a SOC or similar role
How you will lead
Define detection engineering strategy, roadmap, and objectives
Build and mature detection engineering processes and standard patterns
Build new detection capabilities based on research of new attack techniques
Evaluate, validate, tune, and, where necessary, sunset detection capabilities
Identify and close gaps in detection coverage
Build runbooks and playbooks for SOC analysts to operationalize new detections
Work with system owners, SIEM team, and Detection Operations to onboard and operationalize new data sources
Define and manage coverage and efficacy metrics, reporting them on a regular cadence to leadership
Lead root cause analysis for detection quality issues and direct next steps to address and prevent recurrence
Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours
EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.