Director, Managed Detection & Response

About us

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines broad insurance coverage with a digital risk assessment and continuous security monitoring to help organizations protect themselves in today’s hyper-connected world.

Opportunities to make an impact with bold thinking are real - and happening daily.

About the role

As a Director of Managed Detection & Response, your mandate is to protect our customers from loss by leading a global SOC servicing a broad customer base. Your leadership will make a significant impact on our clients’ security strategies, and you will help shape the future of cybersecurity as part of an innovative company leading the way in cyber risk management.

Working with a global, talented team of professionals, you will help define our strategy and roadmap, manage daily operations, and ensure that our SOC effectively detects, responds to, and mitigates cyber threats for our customers. You will own team management, communication, deployment efforts, tool management, alerting, reporting, etc. You will also have the opportunity to collaborate with stakeholders throughout the organization to achieve our shared goals, and advise on topics ranging from overall security architecture to data protection and compliance. 

Our team is composed of bright minds across many cybersecurity domains, with expertise in Incident Response, Threat Intelligence, Security Architecture, Cyber Risk Management, Security Strategy, Controls, Compliance, and Governance. We need you to be a team builder, a self-starter, confident with clients, passionate about customer service, and able to run with this opportunity to shape Coalition’s MDR and Managed Services offerings.

Responsibilities

• Develop and execute the global strategy for MDR services.
• Oversee the daily operations of the global SOC, ensuring high levels of performance and customer satisfaction.
• Implement and optimize technologies and processes for threat detection, incident response, and SOC automation.
• Develop and maintain strong relationships with clients, understanding their unique security needs and tailoring MDR services accordingly.
• Lead regular client briefings and security assessments, delivering actionable insights to improve their security posture.
• Foster a collaborative and inclusive team environment that encourages innovation, knowledge sharing and continuous professional development.
• Remain current on emerging cybersecurity threats, trends, and technologies, and contribute to building internal processes and customer service offerings.
• Own the selection and management of third-party vendors and service providers, ensuring they meet our security standards, deliver optimal value, and managing ongoing relationships, including negotiating contracts and setting performance expectations
• Collaborate with product and engineering teams to integrate MDR insights into product development.
• Stay abreast of the current regulatory environment, industry trends, and related implications.

Skills and Qualifications

• Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.
• 10+ years of experience in Security SaaS and/or Security Services fields.
• Minimum of 5+ years of Managed Detection and Response experience.
• 5+ years of people management and leadership experience 
• Deep understanding of cybersecurity threats, vulnerabilities, and attack methods.
• Knowledge of information technology and networking fundamentals, analysis, and applications, including log and network traffic capture analysis.
• Strong experience with SOC tools and technologies (e.g., SIEM, EDR, SOAR), in particular experience with EDR tools like SentinelOne, Microsoft Defender and CrowdStrike Falcon.
• Knowledge of industry-standard frameworks – NIST, HIPAA, PCI.
• Self-motivated; entrepreneurial spirit; comfortable working in a fast-paced, dynamic environment.
• Strong interpersonal communication skills (verbal & written).
• Aptitude to learn technical concepts/terms, and ability to manage multiple tasks/projects simultaneously.

Bonus Points

• Relevant certifications such as CISSP, CISM, or equivalent are strongly preferred.
• Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, WireShark, Plaso, Skadi, or other open-source forensic/log analysis/network analysis tools.
• Experience scripting in Python or PowerShell.

Why Coalition? 

We’re a remote-first, mission-driven team committed to building a more inclusive culture with people of all different backgrounds. We trust our team members to take responsibility, share ownership, and put in the work to help us in our pursuit to solve digital risk.

Coalition’s exceptional growth stems from its ability to address real-world problems for organizations of all sizes and remain true to our founding values of character, humility, responsibility, purpose, authenticity, and inclusion. 

We’re always looking for collaborative, inquisitive individuals to join #OurCoalition.

Visit our Newsroom >

Privacy Notice

Coalition is committed to protecting your privacy. We want you to understand what personal information we collect and how we use it. We also want you to understand your options regarding our collection, use, and disclosure of such information and your ability to access and correct such information. As the leading provider of active insurance, Coalition is required to adhere to certain local regulations, including U.S. federal and state laws that protect your information and our use and disclosure of it.

Information submitted, collected, and processed as part of your application is subject to Coalition's Privacy Policy.

Anti-Discrimination Notice

Coalition is proud to be an Equal Opportunity employer. It is our policy to provide equal opportunity to all individuals seeking employment without regard to race, color, religion, religious creed, national origin, age, sex, marital status, ancestry, physical or mental disability, military or veteran status, gender, gender identity, gender expression, sexual orientation, medical condition, genetic information, or any other protected category under federal, state, or local law. We also prohibit harassment or discrimination of applicants based on the above-protected categories. This policy covers all aspects of employment, including but not limited to, recruitment, selection, training, promotion, transfer, compensation, demotion, and termination of employment.

Accommodations

Coalition complies with US federal and state disability laws. Our policy is to provide reasonable accommodations to qualified individuals with disabilities, including applicants and employees unless the accommodation imposes an undue hardship. Contact us by emailing candidateaccommodations@coalitioninc.com if you require reasonable accommodation to complete this application, interview, pre-employment testing, or participating in the employee selection process.

We consider qualified applicants, regardless of criminal histories, consistent with legal requirements.

To all recruitment agencies: Coalition does not accept unsolicited agency resumes. Do not forward resumes to our email alias, employees, or other physical or virtual organization locations. Coalition is not responsible for any fees related to unsolicited resumes.