Sr. Director, SecOps and Threat Hunting Research

ID: JR0031791

Remote Canada

Job Title:

Sr. Director, SecOps and Threat Hunting Research

Role Overview:

Trellix is seeking a Sr. Director for our team of security practitioners and engineers responsible for building detection and response capabilities in our XDR platform. The team’s responsibilities include building high-quality detections in our platform, validating and improving the platform’s signal correlation features, building investigation playbooks to contextualize and prioritize threats, and building playbooks to automate response actions.
In addition to managing the team, the leader will develop a strategic vision for how our platform’s detection and correlation capabilities must evolve through our XDR journey. To define this vision, the ideal candidate must have expertise investigating threats across all attack vectors and must understand how to leverage signals from endpoint, network, identity, and cloud to deliver detection and response outcomes in our platform. The candidate should have a strong understanding of how rules, analytics, and machine learning should be used to achieve these outcomes.

The key responsibilities of this role include:

  • Lead a team of security practitioners responsible for all things detection and response in our XDR platform, from building detection content (e.g., rules, analytics, ML models) to prototyping new detection capabilities, to delivering response and investigation playbooks
  • Set the team’s direction for development of new rules, analytics, and ML-derived detections in the platform; work with the team to adapt existing detection capabilities or prototype new ones as needed
  • Identify and prioritize the threat use cases for which our platform must deliver extended detection (correlation of alerts and events) and response outcomes and drive alignment with internal stakeholders (product management, sales engineering, product research, etc.)
  • Coordinate threat emulation exercises to measure the effectiveness of platform detection, correlation, and response capabilities for both Trellix native products (Endpoint, Network, DLP, Sandbox) and third-party products
  • Partner with Product Management to provide feedback on product features and build a prioritized roadmap of features needed to optimize detection, correlation, and response

Prior experience:

  • 10+ years of Security Operations Center or Incident Response experience
  • 10+ years of team management
  • 7+ years of experience writing and tuning security detection and prevention rules
  • Experience using EDR and SIEM solutions to detect and analyze threat activity
  • Experience using SOAR tools to build playbooks that reduce alert fatigue, improve alert efficacy, augment investigative workflows, and implement remediation actions
  • Experience conducting malware analysis, host and network forensics, log analysis, and triage in support of incident response
  • Experience investigating threats that span on-prem and cloud environments
  • Experience applying cyber threat intelligence to signals provided by security tools to make alerts more actionable
  • Experience with industry-wide frameworks and standards like MITRE ATT&CK, STIX, and SIGMA

Additional Qualifications

  • Experience with log management platforms such as Splunk and the Elastic Stack (Elasticsearch, Logstash, Kibana; ELK)
  • Strong knowledge of Windows, Linux, and macOS operating systems
  • Strong knowledge of network and security protocols
  • Experience working effectively across a geographically dispersed organization
  • Ability to explain detection priorities to those without a technical background
  • Experience with the Trellix product portfolio including endpoint (MVISION EDR, ENS, HX), SIEM (Helix), and/or Network (NSP, NX)

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Pension and Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement

We're serious about our commitment to diversity, which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation, or any other legally protected status.