All Specialist-level capabilities plus elevated expectations in leadership, strategy, and influence:
• Extensive experience in detection engineering, incident response, threat hunting, or similar security operations roles, with a proven ability to lead complex technical initiatives
• Expert understanding of risk-based alerting strategies and detection methodologies, with the ability to design enterprise-wide detection models and influence risk-scoring frameworks
• Deep knowledge of large enterprise architectures, including networks, operating systems (Windows, macOS, Linux), cloud ecosystems, and modern telemetry pipelines
• Expert-level understanding of adversarial frameworks, including MITRE ATT&CK and the Cyber Kill Chain, with demonstrated ability to translate them into operational detection logic
• Advanced proficiency in Splunk Enterprise Security (ES) and its architecture, including correlation searches, the risk framework, data models, and performance optimization
• Advanced experience with SPL and KQL, including designing scalable, optimized, and maintainable detection libraries
• Strong familiarity with SOAR, CI/CD, code repositories, and engineering pipelines, with the ability to influence development best practices for detection content
• Ability to lead with inclusivity, leveraging diverse ideas and perspectives to achieve better analytical outcomes and team performance
• Demonstrated leadership in continuous learning, staying ahead of emerging technologies, threats, and engineering methodologies
• Exceptional communication and collaboration skills, with the ability to influence across technology, security, and business stakeholders
As a Lead, you will perform all responsibilities of a Specialist while also providing technical leadership, strategic direction, and cross-team coordination, such as:
• Lead the design and implementation of enterprise-scale cyber threat detection capabilities across diverse technologies, ensuring accuracy, resilience, and alignment with risk priorities
• Drive advanced research into adversarial TTPs, guiding the team in creating innovative and proactive detection methodologies across varied cloud and on-prem platforms
• Partner strategically with Cyber Threat Intelligence to prioritize, shape, and operationalize intelligence into high-impact, sustainable detection coverage
• Collaborate with Cyber Threat Hunting to transform successful hunts into automated, scalable detections and long-term detection hypotheses
• Architect and oversee development of detection engineering automations, frameworks, and reusable tooling to accelerate team velocity and maturity
• Identify, influence, and implement detection engineering tooling, infrastructure, and data visibility improvements across the enterprise
• Provide authoritative insight on detection and visibility gaps, driving remediation efforts with platform owners, security architects, and engineering teams
• Lead cross-functional initiatives to establish security requirements, uplift telemetry coverage, and strengthen detection and response capabilities
• Coach, mentor, and elevate team members, fostering technical excellence, analytical rigor, and innovative thinking
• Champion emerging technologies and best practices, embedding continuous improvement and modern engineering approaches into day-to-day operations