Security Engineering Manager - DART

Role Description

The Detection and Response Team (DART) is looking for a manager with experience leading global security teams across threat detection, threat hunting, incident response, and insider threat functions. You will own the security operations functions of Dropbox in these areas. You will be responsible for growing and leading this program into the future, providing technical leadership, and keeping Dropbox worthy of trust!    You will engage with senior leaders across Dropbox with security concerns or escalations, review and improve existing cyber security processes, partner with peers in Security & Abuse, and Corporate and Production Engineering to protect Dropbox and improve our security posture.    We are a multi-disciplinary team with a wide variety of skills and responsibilities including Linux, macOS and Windows systems security, network security, and overall threat detection and incident response capabilities. We have many green field opportunities to apply your prior experience and vision to improve our threat detection and incident response program!  

Responsibilities

• You will lead and grow the Threat Detection and Incident Response Security Engineering team
• You will support incident response teams in planning for security incidents, ensuring that capabilities and procedures are regularly tested
• You will coordinate and engage with internal stakeholders, contracted security providers and/or law enforcement on larger investigations
• You will maintain and improve the post incident review process, including root cause analysis and control improvements
• You will develop policies, standards and guidelines for threat detection and incident response.
• You will improve threat detection and incident response workflows with automation and enrichments
• You will maintain knowledge of current threats, to ensure your organization is incident ready

Requirements

• Demonstrable experience leading threat detection, digital forensics and incident response (DFIR) teams on diverse and complex investigations
• Proven track record in Information Security with a focus on Incident Response.
• In-depth knowledge of the cyber security threat landscape and experience in bringing it to bear in a tailored response to a major incident.
• You should have an extensive, up to date understanding of the tools, techniques and tactics of Targeted Threat Actors and insight into present and future trends.
• Experience working in and leading security operations center (SOC), threat detection and Incident Response (IR) processes and experience with relevant tools (Log Aggregation, SIEM, SOAR, EDR)
• Applicable Professional qualification e.g CISSP, GSOM, GCIH, GCIA, GPEN, GCFE, GREM, EnCE, (Desirable)
• You have strong leadership skills and are confident in leading a cross-functional cyber incident involving senior leaders
•  Excellent organizational skills, ability to prioritize tasks and work calmly and methodically in pressurized situations
• Good interpersonal skills (both written and verbal) and stakeholder management skills
• You are able to work independently with little supervision, but also integrate well into teams
• You possess the ability to suggest creative but practical solutions to complex problems, and have an excellent analytical and technical curiosity