Role OverviewAs Detection and Response Lead, you'll build and scale the foundations of Serval's cybersecurity detection and response operations. You will set the strategy and drive execution for security monitoring, incident response, recovery, and post-incident improvement across our infrastructure and the systems our customers trust us to operate in.
You'll be a hands-on leader with deep technical credibility and strong operational instincts. You will build and mentor a team, partner closely with Engineering and Product, and ensure that detection and response capabilities are embedded by design into the systems that power Serval.
What You'll Do- Design, implement, and operate detection and response operations, including continuous monitoring, triage, investigation, containment, and remediation of security events across a diverse set of networks and infrastructure.
- Build, lead, and directly mentor a team spanning observability, detection and response, and threat intelligence, hiring and scaling these functions deliberately and proportionately as Serval's platform and customer footprint grow.
- Ensure world-class operational rigor and readiness through incident playbooks, on-call and escalation paths, tabletop exercises, and continuous improvement of response quality and speed.
- Improve detection quality and coverage by partnering with engineering teams to ensure critical telemetry is available, reliable, and actionable across cloud, corporate, and production environments.
- Partner deeply across Engineering, Product, and Infrastructure to embed detection and response into Serval's systems by design rather than as an afterthought.
- Build a security program capable of withstanding sophisticated adversaries, including by using Serval's own agents to solve frontier security and security-operations problems.
What You'll Need- Have 10+ years in cybersecurity with deep expertise in detection engineering, incident response, and security operations.
- Have deep experience building and leading detection and response, instrumentation/observability, and threat intelligence teams.
- Have stellar leadership skills and a demonstrated history of driving durable, continuous improvements to programs, processes, and people.
- Have exceptional written and verbal communication skills, can remain calm under pressure, and can effectively run command of security incidents involving numerous stakeholders across a diverse gamut of teams, expertise, and seniority.
- Have deep expertise in modern observability stacks (e.g., SIEM, data lakes, EDR, cloud telemetry, logging) and detection primitives.
- Understand modern adversary tradecraft (TTPs) and have demonstrated experience translating it into practical detection strategies and response actions.
- Are mission-oriented, have unimpeachable integrity, and are passionate about detecting and responding to adversaries in a highly complex, fast-paced environment.
What We Offer- Impact: Be a key player in shaping the success of our product and company.
- Growth: Build a fundamentally new AI product offering with the support of our experienced team and investors. Grow rapidly with the company.
- Culture: Join a culture that values innovation, ownership, accountability, and fun.
