Head of Managed Detection & Response

Why you should join our At-Bay Security team:

At-Bay is a fast-growth InsurSec company (Insurance x Cybersecurity) on a mission to bring innovative products to the market that help protect small businesses from digital risks. As an InsurSec provider, we uniquely combine insurance with mission-critical security technologies, threat intelligence, and human expertise, to bridge the critical security capability gap that exists among SMBs in the community. We believe InsurSec is an $80B market opportunity and we are excited to introduce the Head of Managed Detection & Response role to the security team in order to help expand our reach and influence in the business and security community, of which we serve 35,000 customers.

With At-Bay, our customers experience 5X fewer ransomware attacks. This is just the tip of the iceberg! Click here to learn more about what we're building. 

Role description 

The Head of Managed Detection & Response (MDR) provides direct day-to-day leadership of teams engaged in security monitoring and incident response for At-Bay insureds with specific responsibilities including: 

• Ownership of and management of the MDR service line at At-Bay, including capacity planning, capability sourcing, resource allocation, and market analysis to identify future areas of need for the team  
• Performing stakeholder management for key relationships related to delivery of MDR services (e.g., security tool vendors, IT service providers, etc.) 
• Developing relationships as needed with At-Bay stakeholders (i.e. policyholders, brokers, underwriters, etc.) to support business development and service delivery 
• Ownership of quality control for engagement delivery activities, client deliverables, and delivery activities 
• Collection and synthesis of lessons learned from service delivery activities 
• Participation in development and delivery of thought leadership (i.e. written and oral) to support At-Bay market messaging   

Key skills 

• Team leadership 
• Previous EDR, MDR, XDR, security monitoring, or incident response leadership experience 
• Strong oral and written communications skills 
• Executive “presence” 
• Previous hands-on experience performing security operations including several of the following: 
  • Security monitoring using a variety of endpoint and network tools 
  • Deployment, tuning, and operation of security tools from vendors such as CrowdStrike, SentinelOne, and others 
  • Deployment, tuning, and operation of SIEM or other tools used to aggregate and analyze security-relevant data 
  • Triage and analysis of potential indicators of compromise
  • Performing rapid response to contain and/or remediate potentially malicious activity
  • Development and analysis of cyber threat intelligence
  • Leadership of or participation in investigations involving digital evidence
  • Intrusion detection / cyber threat hunting
  • Malware analysis
• Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.) 

Minimum requirements 

• Bachelor’s degree or equivalent 
• Minimum of 8 years of experience in cybersecurity operations, incident response, or another security discipline 
• Willingness to travel as needed to perform job functions 

Preferred requirements 

• Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity 
• Preferred candidates will have a mix of cybersecurity experience including either security operations or security engineering / architecture 
• Knowledge of cloud environments including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google) 
• Experience as a manager or senior manager equivalent in technology or cybersecurity consulting, top-10 cyber consulting firm preferred 
• One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.) 

Work location 

• USA, nationwide 

Our estimated base pay range for this role is $200,000-$250,000 per year. Base salary is determined by a variety of factors including but not limited to market data, location, internal equitability, domain knowledge, experiences and skills. In general, if the position sparks your interest we encourage you to apply - our team prioritizes talent.