ForgeApply · Job listing
Engineering Manager, Security Detection & Response
Apolloio
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally, from rapidly growing startups to some of the world's largest enterprises. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion. Apollo.io provides sales and marketing teams with easy access to verified contact data for over 210 million B2B contacts and 35 million companies worldwide, along with tools to engage and convert these contacts in one unified platform. By helping revenue professionals find the most accurate contact information and automating the outreach process, Apollo.io turns prospects into customers. Apollo raised a series D in 2023 and is backed by top-tier investors, including Sequoia Capital, Bain Capital Ventures, and more, and counts the former President and COO of Hubspot, JD Sherman, among its board members.
Role Overview
Apollo is looking for a technical Engineering Manager to lead our Security Detection & Response function. This role is responsible for managing engineers while building and scaling the technical systems behind modern security operations, including detection engineering, Panther content, telemetry onboarding, Python-based automation, and CI/CD workflows for security tooling. This is a hands-on leadership role for someone who can coach a team, make sound engineering decisions, and stay close to the technical details.
This role operates in a fully remote environment and requires excellent asynchronous communication and collaboration skills.
Key Responsibilities
Security Incident Leadership & Response
• Own and continuously improve end-to-end detection, investigation, response, post-incident review, and threat intelligence-informed improvement processes, including AI-assisted triage and investigation workflows.
• Lead complex and high-severity incidents with clear decision-making, effective stakeholder communication, and accountable follow-through on remediation.
• Stay technically engaged in investigations across cloud infrastructure, SaaS platforms, corporate systems, user behavior, and abuse scenarios, and translate incident learnings, platform changes, and threat trends into Security Detection & Response priorities.
Security Observability, Detection Engineering, Automation & AI
• Define and evolve security observability and detection strategy, including telemetry onboarding, signal quality, threat intelligence inputs, alert tuning, and coverage validation.
• Oversee Panther detections, MITRE ATT&CK-aligned use cases, investigation playbooks, and response automations, with measurement and validation loops for coverage, precision, latency, tuning effectiveness, safe rollout, and attack-simulation-based validation.
• Transform security operations processes through practical use of AI, including designing agents and AI-native workflows for triage, enrichment, investigation, and response.
• Drive Python-based tooling, CI/CD practices, and pragmatic use of AI to improve the speed, quality, and reliability of Security Detection & Response workflows.
Team Leadership & Cross-Functional Collaboration
• Build, lead, and retain a high-performing remote Security Detection & Response team with clear expectations, strong onboarding, documentation, and knowledge-sharing practices.
• Coach engineers to grow in technical depth, operational ownership, and leadership capability while partnering closely with Engineering, IT, Fraud, Legal, People, Support, and Product on incidents, investigations, and security improvements.
• Work closely with Engineering and Infrastructure on telemetry quality, data pipelines, and operational readiness, and communicate security risk, incident impact, and remediation plans clearly to technical and non-technical stakeholders.
• Define and review strategy-aligned metrics and reporting that measure Security Detection & Response effectiveness, highlight trends and gaps, and inform priorities and stakeholder decisions.
Required Skills & Experience
• 5+ years of experience in Security Detection & Response, Security Engineering, or Incident Response.
• 2+ years of people management experience, including hiring, coaching, and performance management, ideally in a remote-first environment.
• Strong hands-on experience with modern SIEM platforms, security observability, detection engineering, log analysis, and complex security investigations; experience with Panther is highly valued.
• Strong proficiency in Python for automation, analysis, and internal tooling, with the ability to remain technically credible with engineers.
• Experience with automation, Git-based workflows, CI/CD practices, threat intelligence-informed detections, AI-assisted workflows, and building agents or AI-native workflows for security content, tooling, or response processes.
• Experience with cloud-native platforms, security telemetry, and SaaS environments; GCP experience preferred. Familiarity with toolsets similar to Apollo's, including Google Workspace, Okta, GitHub, Slack, Atlassian, Cloudflare, CrowdStrike, Kandji, Panther, and Snowflake-backed log pipelines, is strongly valued.
• Excellent written and verbal communication, leadership, and stakeholder management skills.
Preferred Qualifications
• Experience leading Detection Engineering, Security Engineering, or Security Detection & Response teams in a high-growth cloud or SaaS environment.
• Experience applying AI-assisted security tooling to detection, triage, investigation, or response in a production environment.
• Familiarity with MITRE ATT&CK, threat intelligence workflows, and vulnerability management programs, SLAs, and remediation processes.
• Relevant certifications such as CISSP, GCIA, GCIH, GCED, or cloud security certifications.
The listed Pay Range reflects the total cash compensation inclusive of annual base salary and annual bonus as applicable. For
Ready to apply to Apolloio?
Apply in about a minuteSimilar jobs
- Senior Security Engineer, Detection and Response — Hackerone · Remote
- Senior Security Engineer, Detection and Response — Cape · Remote
- Security Engineer, Detection & Response — Anthropic · San Francisco, CA | New York City, NY | Seattle, WA; Washington, DC
- Security Engineer, Detection & Response — Scaleai · New York, NY; San Francisco, CA; Seattle, WA; Washington, DC
- Senior Security Engineer - Detection and Response — Klaviyo · Boston, MA
- Senior Security Engineer - Detection and Response — Klaviyo · Denver, CO
- Senior Security Engineer (Detection & Response) — Justworks · New York, New York
- Security Engineer, Detection and Response — Notion · San Francisco, California