Manager, Detection & Response Engineering
Expel
Imagine yourself as a SOC analyst and a new alert pops to the top of the queue. You open the alert and all of the data you need to make a decision is present. In just a few seconds you’ve notified the customer of a potential security incident. After completing the investigation, you find yourself waiting in vain for another alert to appear in the queue (hey, we’re dreaming here, right?!). An alert finally pops up but it’s immediately triaged by the system; a combination of AI and automation classified the alert as benign, leaving you time to finish your research into the latest MFA bypass techniques.
Now, imagine you lead the team that enabled this scenario. Your team created the detection logic that produced the alert, built the response actions that enriched the alert, and automated the SOC playbook that made the decision. You prioritized this work with the data-driven detection program you’ve established.
You also relish working with your first team (peers) in the SOC, Customer Success, and Engineering to prioritize and solve the most urgent challenges we face. You have a high degree of empathy for our SOC analysts because you understand the demands of working in a SOC. And above all, you are laser-focused on ensuring our customers receive the service they expect from a market-leading MDR.
What Expel can do for you
- We will place you in a critical leadership role that is central to the success of Expel’s business. You will not be limited in opportunity to shine and deliver results.
- We will enable you to deliver detection and response capabilities for our customers within our existing platform, and with that experience empower you to define how we evolve our platform.
- We will provide you the opportunity to collaborate closely with SOC analysts, data scientists, and software engineers responsible for various components of Expel’s service and technology.
- We will facilitate your research through access to one of the most exciting security data sets in the industry! With data originating from 100+ integrations and spanning every category of security product under the sun... well, the sun's the limit.
What you can do for Expel
- Improve and maintain the detection and response strategy of Expel’s Workbench platform in order to meet the scale of our growing customer base.
- Continuously mature the operational processes we use to rapidly support the ingestion of new security signals, deliver world-class detections, build effective automation, and ultimately drive the security value and scalability of the MDR service.
- Provide world-class support to our customers and internal teams through effective management of both reactive, short-term work and strategic, longer-term initiatives.
- Collaborate with your peers in Product Management, Customer Success, Engineering, and our SOC to ensure that your team’s service delivery consistently exceeds expectations.
What you should bring with you
- 5+ years mentoring security analysts, threat researchers, incident responders, or other related roles in the cybersecurity industry.
- Experience managing the full lifecycle of detection engineering, from research and development to tuning and maintenance.
- Expertise building detections at scale for at least one of the following security categories: Endpoint, Network, Cloud, or Identity.
- A deep understanding of attack surfaces, corresponding attacker behaviors, how behaviors map to MITRE ATT&CK, and how to deliver coverage for those behaviors.
- Proficiency managing a complex stream of Detection Engineering-related support requests from across the business with the ability to quickly and effectively triage, scope, prioritize, and deliver solutions.
Additional Notes
The base salary range for this role is between $151,000 USD and $219,000 USD + bonus eligibility and equity.
We believe in paying transparently and equitably. Your salary will ultimately be based on factors such as your experience, skills, team equity, and market data. You’ll also be eligible for unlimited PTO (which we model and encourage), work location flexibility, up to 24 weeks of parental leave, and really excellent health benefits.
This role is remote.
We're only hiring those authorized to work in the United States. We do not currently sponsor immigration visas.
We're an Equal Opportunity Employer: you’ll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.