Manager, Threat Research (Adversary Emulation)

Responsibilities

• Lead and manage a team of threat researchers and detection developers focused on adversary emulation and detection content development.
• Partner with Product Management, Engineering, and Labs leadership to define priorities and execute strategic roadmaps.
• Develop high-quality detection content across endpoint, network, cloud, and identity attack surfaces.
• Guide the team in conducting adversary emulation activities to identify detection gaps and improve security coverage.
• Drive the development of anomaly-based and behavior-based detections with a focus on efficacy and customer value.
• Oversee the full software development lifecycle, ensuring quality, scalability, and operational excellence.
• Manage recruitment, workforce planning, team budgets, and professional development for the research team.

Requirements

• 6+ years of experience in cybersecurity with a focus on threat research, detection engineering, or signature development.
• 3+ years of experience in technical leadership roles within cybersecurity or related disciplines.
• Proven experience developing detection content using host, network, cloud, and identity telemetry.
• Strong knowledge of Windows internals, Windows event logging, and Sigma rule development.
• Experience with cloud and identity telemetry (e.g., AWS CloudTrail, Azure Activity Logs, Identity Providers).
• Deep understanding of network protocols, security architecture, and monitoring technologies.
• Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Experience with SIEM platforms like Splunk or Elasticsearch.

Preferred Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• Professional certifications such as CISSP, OSCP, or eLearnSecurity Junior Penetration Tester.
• Experience conducting red team, purple team, or adversary emulation activities.
• Experience working within Managed Detection and Response (MDR) or Security Operations (SOC) environments.

Benefits

• Equity for all employees.
• Flexible annual leave, paid holidays, and volunteer days.
• Comprehensive private benefits plan including medical insurance and life insurance.
• Training and career development programs.
• Fertility support and paid parental leave.

About the Company

Arctic Wolf is a leader in security operations, dedicated to the mission of ending cyber risk. We build award-winning technology, such as the Aurora Platform, to help organizations protect themselves from evolving threats. We foster a collaborative, inclusive, and high-growth environment where smart teammates solve complex problems to deliver real outcomes for customers worldwide.