This Role is Tailor-Made for You Because:
You are a technically authoritative security leader who understands that effective threat management is driven by identity, data movement, configuration integrity, and adversary behavior, not tool accumulation. You are fluent in modern attack paths across human and non-human identities, cloud platforms, CI/CD pipelines, ERP systems, and AI-enabled environments, and you know how to translate that understanding into operational detection, governance, and executive decision support.
This role leads the Threat Engineering pillar and represents a clear technical step above traditional security engineering or SOC leadership. You are accountable for threat modeling, detection strategy, identity-centric security, data governance, privacy engineering, audit-aligned control assurance, and adversarial validation. While incident response execution is handled primarily by MSSPs, you retain authority over detection quality, escalation models, risk-based prioritization, and consequence management.

A Day in the Life:

You will own enterprise threat management and threat modeling, identifying relevant adversaries, tactics, techniques, and procedures and ensuring those models actively drive detection engineering, vulnerability prioritization, and governance decisions. You will apply frameworks such as MITRE ATT&CK pragmatically, with emphasis on identity-based attack paths, cloud-native threats, insider abuse, supply chain compromise, and AI-enabled abuse.

• You will serve as the lead authority for detection strategy across human and non-human identities, including service accounts, workloads, APIs, pipelines, and agentic systems.
• You will define and drive a threat capability maturity model covering detection, response, identity security, data governance, privacy, third-party risk, and crisis readiness. You will assess current state, define target maturity, and lead initiatives that measurably advance capability over time .
• You will ensure identity telemetry, privilege use, token issuance, and anomalous behavior are first-class detection concerns across networks, Microsoft 365, GCP, and enterprise platforms..
• You will lead and mentor a Detection Engineer and partner with the Privacy, Risk & Control Engineer, ensuring threat, privacy, compliance, and audit activities are tightly integrated.
• You will remain hands-on in defining, validating, and tuning detections across identity, cloud, endpoint, network, application, and data layers, ensuring detections are adversary-driven, high-fidelity, and operationally actionable.
• You will own and actively challenge red team, purple team, and penetration testing activities, ensuring they reflect realistic adversary behavior, current threat conditions, and meaningful business impact. You will interrogate findings, validate exploit paths, and ensure outcomes drive improvements in detection, configuration, architecture, and response readiness rather than producing static reports.
• You will design, lead, and facilitate consequence-driven tabletop exercises focused on real threat scenarios, escalation breakdowns, decision authority, and business impact. These exercises will extend beyond technical response to test executive decision-making, communications, legal considerations, third-party dependencies, and operational resilience.
• You will establish and maintain working partnerships with internal and external crisis and incident management stakeholders, including MSSPs, legal counsel, communications, insurance providers, and executive leadership. You will ensure roles, escalation paths, and decision rights are clear before incidents occur and exercised regularly.
• You will optimize the organization's security stack and managed security service providers to ensure full visibility, integration, and coverage. You will challenge runtime security assumptions, configuration quality, and alert effectiveness, driving automation and workflow improvements that reduce MTTR and eliminate blind spots.
• You will own risk-based threat and vulnerability management, ensuring remediation priorities reflect exploitability, adversary relevance, identity exposure, and business context rather than severity scores alone.
• You will develop and deliver executive-level threat and risk reporting, including clear KPIs and key security factors that communicate detection effectiveness, control maturity, incident readiness, audit posture, and residual risk to both technical and business audiences.

To Land This Role:

• Bachelor's degree in computer science, engineering, information security, or equivalent practical experience.
• 10+ years of progressive experience in threat engineering, detection engineering, advanced security engineering, or closely related roles in complex cloud and identity-centric environments.
• Advanced expertise in threat modeling, threat hunting, and adversarial techniques across enterprise networks, Microsoft 365, GCP, CI/CD pipelines, ERP platforms, and data environments. Demonstrated experience applying MITRE ATT&CK or similar frameworks to operational threat management and adversarial validation programs.
• Strong technical depth in identity and access management, non-human identities, cloud security, configuration management, runtime security, data governance, and AI-related risk. Proven ability to interrogate architectures, challenge red and purple team outputs, and translate findings into concrete mitigations.
• Professional certifications such as CISSP, OSCP, GWAPT, or similar are highly desirable
• Demonstrated ability to lead technical staff while remaining deeply engaged in threat strategy, adversarial analysis, governance, audit assurance, and executive consequence management.

Why You'll Want to Join Our Team:
Our Technology team has a clear mission: use technology to enable the business to operate efficiently while driving growth and profitability. We envision, we strategize, we engineer, we design, we build, we test, we support, and we serve. Our tools and systems impact every customer and every member of our team every day and our role is to make each engagement seamless and rewarding. As we build our in-house engineering teams, we are focused on further modernizing our platforms, leveraging our data analytics capabilities and creating a transformational customer experience. Come join us!

How We Work Together

• Adaptable - We change before we have to
• Entrepreneurial - We own it
• Collaborative - There's no "I" in Tory
• Client & Brand Focused - We put ourselves in Tory's shoes
• Live the Values - We show up for each other
• Functional Expertise - We're constantly learning and growing

#TeamTory Values

We show up with honesty & kindness, act with integrity & compassion, work with passion & humility and lead with excellence & humor.

Compensation Range
The compensation range for this position is 165,000.00 USD - 200,000.00 USD. Our offer will be based on your relevant experience and work location.

Benefits Information

We offer a generous set of benefits to help you take care of your heath, create financial security, and achieve wellness in all areas of your life. Here are highlights of key benefits available to all Tory Burch members that work over 30 hours.