Director – Threat Detection

Company: NorthAB, LLC
Location: Kenosha, WI, USA
Salary: $160000 – $259000
Type: Full-Time
Degrees
Experience Level: Senior, Expert or higher

Requirements

  • 10+ years of experience in Cybersecurity or related fields.
  • 5+ years in a leadership role and a proven track record leading a Threat Hunt, Detection Engineering or Incident Response function.
  • Hands-on experience, particularly in a leadership role, is critical for understanding the complexities and challenges of managing security incidents, hunting and detection across different environments.
  • Strong experience in writing and managing detection rules.
  • Strong experience in conducting threat hunts.
  • Proficiency and hands-on experience with Incident Response tools, protocols, and analysis techniques are crucial.
  • Ability to create detailed and clear incident reports for technical and non-technical stakeholders.
  • Must have a deep understanding of cybersecurity principles, including knowledge of threats, vulnerabilities, and risk management.
  • A thorough understanding of incident response procedures is crucial.
  • Knowledge of digital forensics to investigate security incidents.
  • Experience in identifying and leveraging cyber threat intelligence resources (reports, TTPs, IOCs, YARA rules, etc.) for response, detection and hunt.
  • Knowledge of and practical experience with Kill Chain, Diamond and MITRE ATT&CK frameworks.

Responsibilities

  • Oversee the monitoring of security events and incidents to ensure timely detection, analysis, and response so that fraud and financial losses are prevented.
  • Develop and lead Threat Hunting and Detection Engineering functions to implement proactive threat hunting and detection strategies that identify and mitigate potential threats to the payments ecosystem that could lead to financial or other losses.
  • Develop and lead a Cyber Threat Intelligence function to identify and report on emerging threats and trends in the financial and payments industry.
  • Develop and maintain Incident Response plans including playbooks and escalation procedures for fraud and financial crime scenarios.
  • Conduct post-incident analysis (root cause analysis), oversee forensic investigations, and collaborate with various teams for a coordinated response and continuous improvement of North's risk posture to prevent financial loss.
  • Lead tabletop exercises with senior management and executive leadership teams related to cyber risk and fraud.
  • Provide leadership and direction to the team: Set clear goals, expectations, and priorities, ensuring alignment with overall company objectives. Foster a positive, collaborative, and results-driven team environment.
  • Manage team performance and development: Oversee day-to-day activities, provide regular coaching and feedback, conduct performance reviews, identify training needs, and support career growth opportunities for team members.

Preferred Qualifications

  • Certifications such as GDAT, GCIH, GPEN, GCTI are strongly preferred.
  • Familiarity with developing and implementing disaster recovery plans to ensure business continuity in the event of a security breach is beneficial.