Director Engineering Threat Detection & Response

Dallas (Remote), Texas, US


About WFS

Join our Worldwide Flight Services family and contribute to the timely delivery of cargo shipments, luggage, business-to-customer deliveries, and on-time flights while operating safely and securely. We perform at the highest level for our customers every day, and strive to be an exceptional leader in our industry with our teams of cargo, passenger, ramp handling, and technical service experts in 164 airport locations, 18 countries, and on 5 continents. Are you ready to take off on your next career with us?

Job Summary

The Director Engineering, Threat Detection and Response is a senior cybersecurity leader responsible for both security tool engineering and security incident operations on a global scale.

Responsibilities

  • Lead the organization’s global security engineering, threat detection, and incident response function, ensuring alignment with cybersecurity program objectives, regulatory compliance, and operational needs.
  • Develop and maintain the threat detection and incident response program strategy, operational readiness (table-top exercises, purple team testing), and metrics.
  • Lead the operational practices that identify cyber threats and vulnerabilities and design countermeasures to safeguard protected data and systems.
  • Lead proactive threat hunting initiatives to identify and mitigate hidden vulnerabilities or evolving risks through a combination of internal expertise and 3rd party partners.
  • Develop cybersecurity analysts’ skills to hunt malicious indicators, TTPs, network communications and behavior to close detection gaps.
  • Manage the portfolio of security technologies and tools (e.g., SIEM, EDR, IDS/IPS, SOAR, firewalls, identity management platforms).
  • Oversee the lifecycle management of security tools — from initial deployment and configuration through tuning, integration, scaling, and eventual decommissioning or replacement.
  • Ensure that security tooling and infrastructure are effectively protecting on-premises and cloud environments at scale.
  • Lead, mentor, and develop a distributed team of cybersecurity engineers and incident responders.
  • Foster a culture of innovation and continuous improvement within the team.
  • Provide comprehensive reporting and dashboards to executive stakeholders, demonstrating program effectiveness and areas for enhancement.

Minimum Requirements

  • Bachelor’s Degree Required.
  • Current cybersecurity certifications such as GIAC GCIH, CEH, CISSP, or others preferred.
  • Ongoing commitment to training and professional development in cybersecurity (through conferences, courses, and certifications) to stay current with industry best practices.
  • Minimum of 15 years' equivalent threat management & incident response experience.
    • Threat Detection & Analysis (leveraging SIEM tools, IDS/IPS, endpoint detection, log analysis, etc.).
    • Incident Response & Management (developing response plans, executing playbooks, forensic investigations, root cause analysis).
    • Threat Hunting (identifying undetected threats through proactive analysis and hypothesis-driven investigation).
    • Security control engineering and the interoperation between tools across domains (e.g., integrating EDR with SOAR).
    • Network Security (TCP/IP protocols), firewalls, intrusion prevention systems, and network traffic analysis.
    • Security Orchestration, Automation & Response (SOAR) platforms for streamlining detection and response processes through scripting/automation for log analysis, threat correlation, and incident triage tasks.
    • Operating System and Cloud Security (securing environments including Windows, Linux, AWS, Azure, GCP, and hybrid infrastructures).

Preferred Skills

  • Knowledge of regulatory frameworks (e.g., GDPR, NIST CSF, ISO 27001) and how incident response ties into compliance requirements.
  • Ability to translate technical findings into actionable insights for stakeholders at all organizational levels.
  • Proficiency in turning security KPIs (e.g., MTTD, MTTR, detection coverage) into clear dashboards and executive briefings using platforms such as Power BI, Grafana, or Tableau, enabling data-backed program decisions.
  • Level-headed and process focused.
  • Detail-oriented and organized.
  • Proactive and curious (keep up with the evolving threat landscape).
  • Collaborative and diplomatic (ability to partner with a global team is key).
  • Adaptable and resilient.
  • Accountable and results-focused.
  • Establish and monitor KPIs such as detection coverage, mean time to detect (MTTD), mean time to respond (MTTR), and other metrics to enhance the organization's threat detection, response, and incident resolution rates.
  • Minimal international travel for team alignment and incident retrospectives.

Physical Requirements/Working Conditions

  • Minimal international travel for team alignment and incident retrospectives (~10%).
  • Some domestic travel for project rollouts and NA IT group meetings (~10%). 
  • Remain in a stationary position 50% of the time.
  • Constantly operates a computer and other office productivity machinery.
  • Handle/grasp documents or office equipment.
  • Sit and/or stand for short or extended periods.
  • Work in an office environment using standard office equipment.
  • Talk, listen, and speak clearly on the telephone.

Perks & Benefits

  • Want your pay in advance? Access your pay when you need it through the DailyPay app!
  • Are you a top performer who thrives on recognition? On-the-spot awards offered through the Awardco platform, including gift cards and more!
  • Need quality medical care? Multiple options for both full and part-time employees!
  • Want WFS Employee Extras? Travel Discounts, Pet insurance, Discount Shopping & More!
  • Looking to stay healthy and improve your life?  Wellness Programs offered to all employees!
  • Want to invest in your future?  401k program offered with company match!
  • Looking to grow and have a career with us?  Opportunity for Internal Mobility and transfers available!

 

WFS is an equal opportunity employer committed to employment equity and inclusion. We accept applications from all qualified individuals.


Tags: Automation AWS Azure Business Intelligence CEH CISSP Cloud Compliance EDR Firewalls GCIH GCP GDPR GIAC Grafana IDS Incident response Intrusion prevention IPS ISO 27001 KPIs Linux Log analysis Network security NIST Scripting SIEM SOAR Strategy TCP/IP Threat detection TTPs Vulnerabilities Windows

Perks/benefits: 401(k) matching Career development Conferences Health care Wellness

Regions: Remote/Anywhere North America
Country: United States
