Manager, Detection & Response
San Francisco, USA
Full Time Mid-level / Intermediate USD 225K - 265K
Postman
Postman is the world's leading collaboration platform for API development. Postman's features simplify each step of building an API & streamline collaboration to help create better APIs—faster. More than 30 million developers & 500,000 organizations worldwide use Postman today, and we continue to strive humbly towards our mission of 100 million connected developers & serving companies as they seek to innovate in an API-first world. Our customers are doing more and more astounding things with the Postman product every day, and as a result, we are growing rapidly.
We highly recommend reading The "API-First World" graphic novel to understand the bigger picture & our vision at Postman.
About The Role
We are seeking a seasoned Manager of Detection & Response with hands-on D&R and AppSec experience, and at least 2 years in a leadership role. The ideal candidate will have a strong background in high-growth, cloud-native companies, embodying a pragmatic, risk-focused approach to security. This role requires a leader with a solid technical foundation in scalable security solutions, exceptional communication skills, and a product-focused mindset. The candidate should prefer collaboration over strict mandates, demonstrating prowess in hiring, coaching, and developing a top-tier team. The successful applicant will advance our D&R capabilities, identify and mitigate gaps within our security framework, and ensure our team is well-prepared to respond to security incidents effectively.
What You'll Do
- Guide and develop the Detection & Response team, ensuring they possess the necessary skills and knowledge to manage security events and contribute to strategic security initiatives effectively.
- Persist in offering training and mentorship to the Detection & Response team as needed, fostering skill development and operational excellence.
- Advance the maturity of our Detection & Response capabilities to ensure rapid and effective responses to genuine threats.
- Manage and improve the Detection & Response tooling ecosystem and ensure it can scale with the needs of the business.
- Develop and implement a practical Incident Response (IR) strategy to ensure swift and effective action in the face of security incidents.
- Assess existing logging frameworks to identify deficiencies and implement a comprehensive centralized logging solution.
- Identify key security threats pertinent to our operations and develop corresponding response playbooks for timely and efficient threat mitigation.
- Conduct a thorough analysis to uncover any deficiencies within our broader Detection & Response framework and spearhead initiatives to address these gaps.
Requirements
- Candidates must possess a minimum of 5 years of experience in security, demonstrating hands-on expertise in Detection & Response (D&R) and Application Security (AppSec), coupled with a comprehensive understanding of diverse security strategies and their implications.
- At least 2 years of proven leadership experience, with a track record of managing and guiding teams effectively.
- Previous involvement in high-growth, cloud-native environments is essential, showcasing adaptability and innovative problem-solving in dynamic settings.
- The ideal candidate is a pragmatic security leader who endorses risk-focused and scalable security measures, balancing effectiveness with efficiency.
- A solid technical foundation in developing and implementing scalable security solutions is required, demonstrating the ability to address complex security challenges.
- Exceptional communication skills are a must, along with a product-centric approach to devise and implement solutions that meet customer needs effectively.
- A preference for collaborative and problem-solving methodologies over rigid processes and directives is desired, emphasizing teamwork and innovation.
- Experience in hiring, mentoring, and developing a high-performing team is crucial, with a focus on fostering a culture of excellence and continuous improvement.
- The role demands meticulous attention to detail and strong capabilities in cross-team communication and program management, ensuring coherence and alignment across various initiatives.
Our Values
At Postman, we create with the same curiosity that we see in our users. We value transparency & honest communication about not only successes, but also failures. In our work, we focus on specific goals that add up to a larger vision. Our inclusive work culture ensures that everyone is valued equally as important pieces of our final product. We are dedicated to delivering the best products we can.
What Else?
If the role is based in the greater San Francisco area, and the reasonably estimated salary for this role ranges from $225,000 - $265,000 plus a competitive equity package. Actual compensation is based on the candidate's skills, qualifications, and experience. In addition to our pay-on-performance philosophy, we offer a comprehensive set of benefits, including full medical coverage, flexible PTO, wellness reimbursement, and a monthly lunch stipend. Salaries will vary outside of the listed metropolitan areas & the U.S.
Equal Opportunity
Postman is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. Postman does not accept unsolicited headhunter and agency resumes. Postman will not pay fees to any third-party agency or company that does not have a signed agreement with Postman.
Tags: APIs Application security Cloud Incident response PostMan Strategy
Perks/benefits: Competitive pay Equity Flex vacation Health care Startup environment Team events Transparency Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs