Group Product Manager Threat Detection And Incident Response Cloud Siem jobs in New York – Browse 7,686 openings on RoboApply Jobs
Open roles matching “Group Product Manager Threat Detection And Incident Response Cloud Siem” with location signals for New York. 7,686 active listings on RoboApply Jobs.
Group Product Manager - Threat Detection and Incident Response (Cloud SIEM)
Experience Level
Manager
About the job
Join Datadog as a Group Product Manager for our Cloud SIEM product, where you will empower security teams to proactively detect, investigate, and respond to threats within modern cloud and SaaS environments. In this pivotal role, you will set the strategic vision for our Threat Detection and Incident Response (TDIR) capabilities, significantly influencing how customers automate and scale their security operations. Your leadership will drive product strategy in areas such as detection engineering, case management, response workflows, and integrations, enabling security teams to transition seamlessly from alerts to actionable responses.
We pride ourselves on fostering an inclusive and innovative office culture at Datadog, where collaboration and creativity thrive. Our hybrid workplace model allows our team members to achieve a work-life balance that is tailored to their individual needs.
Full-time|$234K/yr - $300K/yr|Hybrid|New York, New York, USA
Full-time|$155K/yr - $195K/yr|Hybrid|New York, New York, USA
As a Product Manager for Cloud Detection & Response (CDR), you will play a pivotal role in creating a cohesive threat detection, investigation, and response experience for Datadog's Cloud Security Management solution. By integrating deep security telemetry from our Cloud SIEM, Workload Protection, and Cloud Security offerings, CDR enhances Datadog's observability platform, which includes APM traces, infrastructure metrics, and logs. This unified approach empowers security teams with a comprehensive, context-rich workflow to swiftly identify and respond to cloud threats. Collaborating with engineers, designers, and go-to-market teams, you will define this innovative product area and drive customer adoption and revenue growth. At Datadog, we value our office culture, fostering collaboration and creativity. We operate a hybrid workplace, enabling our Datadogs to achieve a harmonious work-life balance tailored to their needs.
Full-time|$125K/yr - $150K/yr|On-site|New York or Boston
COMPANY OVERVIEW
KKR & Co. Inc., a premier global investment firm, specializes in alternative asset management, capital markets, and insurance solutions. Our mission is to achieve compelling investment returns through a patient, disciplined approach, leveraging exceptional talent, and fostering growth in our portfolio companies and communities. KKR oversees investment funds that engage in private equity, credit, and real assets, while our insurance subsidiaries offer retirement, life, and reinsurance products managed by Global Atlantic Financial Group. References to KKR’s investments may encompass activities of its sponsored funds and insurance subsidiaries.
TEAM OVERVIEW
At KKR's Technology organization, we are a dynamic group of dedicated technologists and product managers, united by a common goal of delivering outstanding products and solutions that provide significant value to our stakeholders, clients, and investors. Our enthusiasm for technology and innovation propels us to create high-quality, impactful solutions that tackle complex challenges and adapt to the evolving demands of our sophisticated businesses. Collaboration is fundamental to our success. We cultivate an environment of open communication and continuous learning, fostering a culture that appreciates diverse perspectives and collective accomplishments. Our global presence allows us to incorporate varied viewpoints into our product and solution offerings, resulting in comprehensive, adaptable, and scalable solutions. We focus on delivering impactful results, prioritizing excellence while remaining nimble in response to the changing needs of our businesses.
POSITION OVERVIEW
We are on the lookout for a skilled SOC Engineer to enhance our Threat Detection & Response capabilities at KKR in either New York or Boston. This role is crucial for modernizing our operations through an engineering-first approach. You'll be dedicated to boosting the effectiveness of our analysts by implementing automation, tooling, and agentic/MCP-style workflows that enhance triage speed, case quality, and containment outcomes. This position requires you to be in the office five days a week. Your responsibilities will span across telemetry, case management, SOAR, and analyst workflows aimed at minimizing toil, improving consistency, and making response efforts more measurable and reliable. While detection engineering is an aspect of this role, the primary focus will be on signal and workflow engineering to ensure alerts are enriched, prioritized, routed, and linked to actionable response paths.
What Success Looks Like (6–12 months)
Significant reduction in analyst toil and time-to-triage through automation and standardized workflows.
Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.
Full-time|$237.6K/yr - $297K/yr|On-site|San Francisco, CA; New York, NY
Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures. Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.
Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats. As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.
Temporary|$25/hr - $30/hr|On-site|New York, New York
The Seasonal Incident Response and Threat Intelligence Analyst plays a critical role in safeguarding our organization against cybersecurity threats, fraud, and digital risks. This position is designed to identify, investigate, and respond to incidents that could affect Major League Baseball and its affiliates. By combining incident response, threat intelligence, digital risk protection, and fraud analysis, you will proactively detect risks, disrupt malicious activities, and enhance our defenses through actionable intelligence and thorough investigations.
Key Responsibilities:
- Assist in security and fraud incident response efforts, coordinating with the virtual Security Operations Center (vSOC) and internal teams for incident identification, containment, remediation, and analysis.
- Enhance digital risk protection and threat intelligence initiatives, providing timely and actionable insights to support operational responses and threat modeling.
- Conduct sensitive digital and fraud investigations, producing clear and defensible investigative reports.
- Monitor and assess the cyber threat landscape, utilizing OSINT, deep/dark web sources, and industry tools to identify threats, vulnerabilities, and adversary tactics.
- Analyze system logs and user behavior to detect anomalies and high-risk patterns, developing strategies for mitigation and prevention.
Full-time|$150K/yr - $180K/yr|On-site|New York or Boston
COMPANY OVERVIEW
KKR is a renowned global investment firm specializing in alternative asset management, capital markets, and insurance solutions. Our mission is to deliver compelling investment returns through a disciplined approach, exceptional talent, and a commitment to fostering growth within our portfolio and communities. KKR manages investment funds focused on private equity, credit, and real assets, and collaborates with strategic partners overseeing hedge funds. Our insurance subsidiaries, under Global Atlantic Financial Group, provide a range of retirement, life, and reinsurance products.
TEAM OVERVIEW
Within KKR's Technology organization, a team of dedicated technologists and product managers work together to create innovative solutions that add value for clients and stakeholders alike. Our commitment to technology and innovation drives us to develop impactful solutions that effectively address complex challenges while adapting to the evolving requirements of our sophisticated businesses. We believe that teamwork is essential for success and foster a culture of open collaboration, continuous learning, and diversity of thought.
POSITION OVERVIEW
We are looking for a skilled Blue Team Lead to become KKR's U.S. Regional Lead and primary escalation point for intricate cyber incidents within our Threat Detection & Response (TD&R) function, based in our New York or Boston office. This senior leadership position requires deep investigative expertise, responsibility for incident command, containment strategies, stakeholder communications, and readiness for response. This role mandates in-office presence five days a week. As KKR transitions to a more cloud-first and identity-first model, this role will play a crucial part in determining our response strategies, collaborating closely with our Managed Security Service Provider (MSSP), internal Computer Incident Response Team (CIRT), and engineering teams to achieve swift and consistent outcomes.
Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK.
Key Responsibilities
Oversee Global Incident Response
- Lead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents.
- Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place.
- Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts.
- Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements.
Enhance and Automate Security Operations
- Design, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives.
- Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration.
- Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times.
- Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts.
- Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape.
- Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.
Full-time|$200K/yr - $240K/yr|On-site|New York City, NY
About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. 
Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.
Join Ramp as a Lead Detection & Response Specialist, where you will spearhead our cybersecurity efforts to protect our systems and data. You will play a crucial role in identifying, investigating, and responding to security incidents. Collaborate with a team of experts to implement proactive measures that ensure the integrity and security of our digital assets.
Full-time|$146.6K/yr - $194.8K/yr|Hybrid|United States
Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.
Full-time|$140K/yr - $180K/yr|On-site|New York, NY; Palo Alto, CA
Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.
Full-time|$230K/yr - $317K/yr|On-site|New York, New York
Welcome to Okta
Okta is recognized as the world's leader in identity solutions, empowering users to securely access any technology, anywhere, on any device or application. Our innovative platforms, including the Okta and Auth0 offerings, are designed to provide secure access, robust authentication, and seamless automation, placing identity at the heart of business security and growth. At Okta, we embrace diverse perspectives and experiences. We seek lifelong learners and individuals who can contribute to our mission with their unique insights. Become a part of our vision! We are dedicated to creating a world where identity truly belongs to the individual. We are looking for a Director of Product Management for Identity Threat Detection and Response, a pivotal leadership role focused on advancing Okta's innovative identity security products. This position requires a solid technical background, a strong sense of product intuition, expertise in cybersecurity, and exceptional collaboration skills to influence the strategic direction of our security offerings. You will leverage your cross-functional influence to drive critical initiatives within this essential area. Based on the robust Okta Identity Cloud, our goal is to offer the most comprehensive, user-friendly, and secure Identity Security product suite available. This team oversees products such as Okta Identity Threat Protection with Okta AI, Okta ThreatInsight, and Okta Network Zones, among other vital security functionalities. Our customers rely on these solutions to protect their digital assets and ensure secure access for their users. Your role will be crucial in seamlessly integrating security into every aspect of our products. Success in this position requires a profound understanding of customer security needs, empathy for both end-user and administrator experiences, and the ability to strategically prioritize amidst competing demands from diverse Okta teams.
As a Senior Security Engineer focused on Detection & Response at Justworks, you will play a critical role in enhancing our security posture and protecting our clients' data. You will be responsible for designing and implementing advanced detection and response strategies to identify and remediate threats swiftly. Collaborating with cross-functional teams, you will lead initiatives to improve our security operations and ensure compliance with industry standards.
Role overview The City of New York is hiring an Incident Responder to help safeguard municipal digital systems. This position centers on identifying security incidents, investigating potential threats, and coordinating remediation efforts to protect city technology infrastructure. What you will do Detect and respond to cybersecurity incidents affecting city systems. Investigate incidents to determine their causes and assess their impacts. Create and carry out remediation plans to address identified vulnerabilities. Collaborate with departments across New York City to improve cybersecurity practices. Assist in meeting regulatory and security standards compliance requirements. Work location This role is based in New York City.
About incident.io
At incident.io, we pride ourselves on being the premier AI incident response platform designed to significantly enhance incident response times and boost reliability. Our platform seamlessly integrates on-call management, incident response, AI SRE, and status pages, providing teams with the essential tools they need to react rapidly, minimize downtime, and keep customers informed. Since our inception in 2021, we have empowered over 1,500 organizations, including industry giants like Netflix, Airbnb, and Block, to manage more than 500,000 incidents effectively. Each month, thousands of responders spanning Engineering, Product, and Support utilize incident.io to restore services with greater speed, maintain alignment under pressure, and prioritize impactful development. We are a rapidly expanding and ambitious team that is deeply committed to our clients, product excellence, and creating exceptional experiences. With $100M raised from leading investors such as Index Ventures, Insight Partners, and Point Nine, along with insights from founders and executives of renowned tech firms, we are poised for significant growth.
The Team
Our Commercial division is one of the most dynamic sectors within incident.io, catering to early-stage startups and mid-market companies across North America. We are accelerating our growth in this area by expanding our workforce, increasing Annual Contract Value (ACV), and developing a scalable, high-velocity sales strategy. If you are enthusiastic about selling innovative SaaS solutions with robust product-market fit and enjoy collaborating with a vibrant team to make a tangible difference in how organizations manage critical incidents, you will thrive here. As an Account Executive, you will leverage advanced tools such as Salesforce for CRM, LinkedIn Sales Navigator for lead generation, HubSpot for marketing automation, and Omni for analytics and reporting.
About incident.io
incident.io is the foremost AI-driven incident response platform, designed to assist teams in significantly decreasing incident response times and enhancing reliability. Our platform integrates on-call management, incident response, AI SRE, and status updates, providing teams with the essential tools needed to respond swiftly, minimize downtime, and keep customers informed. Since our inception in 2021, we have empowered over 1,500 companies, including Netflix, Airbnb, and Block, managing more than 500,000 incidents. Each month, tens of thousands of responders across Engineering, Product, and Support utilize incident.io to restore services efficiently, maintain alignment under pressure, and concentrate on delivering value. Our rapidly expanding team is driven by ambition and a profound commitment to our customers, product excellence, and creating exceptional experiences. We have successfully raised $100M from Index Ventures, Insight Partners, and Point Nine, alongside founders and executives from leading technology firms.
The Team
As a Business Development Representative, you will be at the forefront of our growth strategy, initiating essential conversations with prospective customers. Your role is not merely to introduce incident.io, but to create memorable first impressions and pave the way for enduring partnerships. Our BDRs are the driving force behind our sales pipeline, engaging with high-potential prospects through various channels and propelling our sales momentum. With strong early results, we are poised to rapidly scale this initiative. Joining us at this moment means taking on a high-impact role where your contributions will shape our sales strategy, bolster our go-to-market efforts, and drive growth across the company. You will collaborate closely with Account Executives and sales leaders to make a tangible and lasting impact.
Full-time|$187K/yr - $240K/yr|Hybrid|New York, New York, USA
The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture. At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.
Join our dynamic Global Safety and Security team at DoorDash, where we prioritize the protection of our people, assets, and brand. As an integral part of our organization, you will play a vital role in managing safety and security risks using innovative technology and a people-first approach. We are committed to being proactive, offering support whenever and wherever needed.
About the Role
As the Critical Incident Response Team (CIRT) Agent, you will be at the forefront of DoorDash's emergency response initiatives. Your responsibilities will include real-time monitoring, triage, and response to incidents affecting our global workforce and operations. You will analyze alerts, coordinate response efforts, and escalate matters according to our Global Safety & Security protocols. This position is critical in ensuring swift, informed, and coordinated actions during emergencies such as natural disasters or workplace incidents. Collaborating closely with regional and global partners, you will help safeguard our employees and ensure seamless operations around the clock.
Key Responsibilities
Security Operations & Monitoring
- Monitor and evaluate alerts from global intelligence, safety, and security systems to identify potential threats.
- Conduct patrols to assess behavioral escalations or concerns.
- Perform routine checks of lobbies and facilities to ensure safety and compliance.
- Inspect doors, cameras, and access points regularly.
Access Control & Visitor Management
- Oversee employee and guest badging processes, including badge printing and access level assignments, with experience in systems such as Genetec or Lenel S2 being a plus.
Incident Response & Safety
- Triage incidents, assessing severity and escalation needs per CIRT procedures.
- Serve as the first point of contact for incident management.
Full-time|$234K/yr - $300K/yr|Hybrid|New York, New York, USA
Join Datadog as a Group Product Manager for our Cloud SIEM product, where you will empower security teams to proactively detect, investigate, and respond to threats within modern cloud and SaaS environments. In this pivotal role, you will set the strategic vision for our Threat Detection and Incident Response (TDIR) capabilities, significantly influencing ho…
Full-time|$155K/yr - $195K/yr|Hybrid|New York, New York, USA
As a Product Manager for Cloud Detection & Response (CDR), you will play a pivotal role in creating a cohesive threat detection, investigation, and response experience for Datadog's Cloud Security Management solution. By integrating deep security telemetry from our Cloud SIEM, Workload Protection, and Cloud Security offerings, CDR enhances Datadog's observability platform, which includes APM traces, infrastructure metrics, and logs. This unified approach empowers security teams with a comprehensive, context-rich workflow to swiftly identify and respond to cloud threats. Collaborating with engineers, designers, and go-to-market teams, you will define this innovative product area and drive customer adoption and revenue growth. At Datadog, we value our office culture, fostering collaboration and creativity. We operate a hybrid workplace, enabling our Datadogs to achieve a harmonious work-life balance tailored to their needs.
Full-time|$125K/yr - $150K/yr|On-site|New York or Boston
COMPANY OVERVIEWKKR & Co. Inc., a premier global investment firm, specializes in alternative asset management, capital markets, and insurance solutions. Our mission is to achieve compelling investment returns through a patient, disciplined approach, leveraging exceptional talent, and fostering growth in our portfolio companies and communities. KKR oversees investment funds that engage in private equity, credit, and real assets, while our insurance subsidiaries offer retirement, life, and reinsurance products managed by Global Atlantic Financial Group. References to KKR’s investments may encompass activities of its sponsored funds and insurance subsidiaries.TEAM OVERVIEWAt KKR's Technology organization, we are a dynamic group of dedicated technologists and product managers, united by a common goal of delivering outstanding products and solutions that provide significant value to our stakeholders, clients, and investors. Our enthusiasm for technology and innovation propels us to create high-quality, impactful solutions that tackle complex challenges and adapt to the evolving demands of our sophisticated businesses.Collaboration is fundamental to our success. We cultivate an environment of open communication and continuous learning, fostering a culture that appreciates diverse perspectives and collective accomplishments. Our global presence allows us to incorporate varied viewpoints into our product and solution offerings, resulting in comprehensive, adaptable, and scalable solutions. We focus on delivering impactful results, prioritizing excellence while remaining nimble in response to the changing needs of our businesses.POSITION OVERVIEWWe are on the lookout for a skilled SOC Engineer to enhance our Threat Detection & Response capabilities at KKR in either New York or Boston. This role is crucial for modernizing our operations through an engineering-first approach. 
You'll be dedicated to boosting the effectiveness of our analysts by implementing automation, tooling, and agentic/MCP-style workflows that enhance triage speed, case quality, and containment outcomes. This position requires you to be in the office five days a week.Your responsibilities will span across telemetry, case management, SOAR, and analyst workflows aimed at minimizing toil, improving consistency, and making response efforts more measurable and reliable. While detection engineering is an aspect of this role, the primary focus will be on signal and workflow engineering to ensure alerts are enriched, prioritized, routed, and linked to actionable response paths.What Success Looks Like (6–12 months)Significant reduction in analyst toil and time-to-triage through automation and standardized workflows.
Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.
Full-time|$237.6K/yr - $297K/yr|On-site|San Francisco, CA; New York, NY
Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures. Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.
Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats. As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.
Temporary|$25/hr - $30/hr|On-site|New York, New York
The Seasonal Incident Response and Threat Intelligence Analyst plays a critical role in safeguarding our organization against cybersecurity threats, fraud, and digital risks. This position is designed to identify, investigate, and respond to incidents that could affect Major League Baseball and its affiliates. By combining incident response, threat intelligence, digital risk protection, and fraud analysis, you will proactively detect risks, disrupt malicious activities, and enhance our defenses through actionable intelligence and thorough investigations.
Key Responsibilities:
- Assist in security and fraud incident response efforts, coordinating with the virtual Security Operations Center (vSOC) and internal teams for incident identification, containment, remediation, and analysis.
- Enhance digital risk protection and threat intelligence initiatives, providing timely and actionable insights to support operational responses and threat modeling.
- Conduct sensitive digital and fraud investigations, producing clear and defensible investigative reports.
- Monitor and assess the cyber threat landscape, utilizing OSINT, deep/dark web sources, and industry tools to identify threats, vulnerabilities, and adversary tactics.
- Analyze system logs and user behavior to detect anomalies and high-risk patterns, developing strategies for mitigation and prevention.
Full-time|$150K/yr - $180K/yr|On-site|New York or Boston
COMPANY OVERVIEW
KKR is a renowned global investment firm specializing in alternative asset management, capital markets, and insurance solutions. Our mission is to deliver compelling investment returns through a disciplined approach, exceptional talent, and a commitment to fostering growth within our portfolio and communities. KKR manages investment funds focused on private equity, credit, and real assets, and collaborates with strategic partners overseeing hedge funds. Our insurance subsidiaries, under Global Atlantic Financial Group, provide a range of retirement, life, and reinsurance products.
TEAM OVERVIEW
Within KKR's Technology organization, a team of dedicated technologists and product managers work together to create innovative solutions that add value for clients and stakeholders alike. Our commitment to technology and innovation drives us to develop impactful solutions that effectively address complex challenges while adapting to the evolving requirements of our sophisticated businesses. We believe that teamwork is essential for success and foster a culture of open collaboration, continuous learning, and diversity of thought.
POSITION OVERVIEW
We are looking for a skilled Blue Team Lead to become KKR's U.S. Regional Lead and primary escalation point for intricate cyber incidents within our Threat Detection & Response (TD&R) function, based in our New York or Boston office. This senior leadership position requires deep investigative expertise, responsibility for incident command, containment strategies, stakeholder communications, and readiness for response. This role mandates in-office presence five days a week.
As KKR transitions to a more cloud-first and identity-first model, this role will play a crucial part in determining our response strategies, collaborating closely with our Managed Security Service Provider (MSSP), internal Computer Incident Response Team (CIRT), and engineering teams to achieve swift and consistent outcomes.
Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK.
Key Responsibilities
Oversee Global Incident Response
- Lead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents.
- Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place.
- Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts.
- Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements.
Enhance and Automate Security Operations
- Design, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives.
- Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration.
- Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times.
- Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts.
- Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape.
- Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.
Full-time|$200K/yr - $240K/yr|On-site|New York City, NY
About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. 
Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.
Join Ramp as a Lead Detection & Response Specialist, where you will spearhead our cybersecurity efforts to protect our systems and data. You will play a crucial role in identifying, investigating, and responding to security incidents. Collaborate with a team of experts to implement proactive measures that ensure the integrity and security of our digital assets.
Full-time|$146.6K/yr - $194.8K/yr|Hybrid|United States
Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.
Full-time|$140K/yr - $180K/yr|On-site|New York, NY; Palo Alto, CA
Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.
Full-time|$230K/yr - $317K/yr|On-site|New York, New York
Welcome to Okta
Okta is recognized as the world's leader in identity solutions, empowering users to securely access any technology, anywhere, on any device or application. Our innovative platforms, including the Okta and Auth0 offerings, are designed to provide secure access, robust authentication, and seamless automation, placing identity at the heart of business security and growth.
At Okta, we embrace diverse perspectives and experiences. We seek lifelong learners and individuals who can contribute to our mission with their unique insights.
Become a part of our vision! We are dedicated to creating a world where identity truly belongs to the individual.
We are looking for a Director of Product Management for Identity Threat Detection and Response, a pivotal leadership role focused on advancing Okta's innovative identity security products. This position requires a solid technical background, a strong sense of product intuition, expertise in cybersecurity, and exceptional collaboration skills to influence the strategic direction of our security offerings. You will leverage your cross-functional influence to drive critical initiatives within this essential area.
Based on the robust Okta Identity Cloud, our goal is to offer the most comprehensive, user-friendly, and secure Identity Security product suite available. This team oversees products such as Okta Identity Threat Protection with Okta AI, Okta ThreatInsight, and Okta Network Zones, among other vital security functionalities. Our customers rely on these solutions to protect their digital assets and ensure secure access for their users. Your role will be crucial in seamlessly integrating security into every aspect of our products.
Success in this position requires a profound understanding of customer security needs, empathy for both end-user and administrator experiences, and the ability to strategically prioritize amidst competing demands from diverse Okta teams.
As a Senior Security Engineer focused on Detection & Response at Justworks, you will play a critical role in enhancing our security posture and protecting our clients' data. You will be responsible for designing and implementing advanced detection and response strategies to identify and remediate threats swiftly. Collaborating with cross-functional teams, you will lead initiatives to improve our security operations and ensure compliance with industry standards.
Role overview The City of New York is hiring an Incident Responder to help safeguard municipal digital systems. This position centers on identifying security incidents, investigating potential threats, and coordinating remediation efforts to protect city technology infrastructure. What you will do Detect and respond to cybersecurity incidents affecting city systems. Investigate incidents to determine their causes and assess their impacts. Create and carry out remediation plans to address identified vulnerabilities. Collaborate with departments across New York City to improve cybersecurity practices. Assist in meeting regulatory and security standards compliance requirements. Work location This role is based in New York City.
About incident.io
At incident.io, we pride ourselves on being the premier AI incident response platform designed to significantly enhance incident response times and boost reliability. Our platform seamlessly integrates on-call management, incident response, AI SRE, and status pages, providing teams with the essential tools they need to react rapidly, minimize downtime, and keep customers informed.
Since our inception in 2021, we have empowered over 1,500 organizations, including industry giants like Netflix, Airbnb, and Block, to manage more than 500,000 incidents effectively. Each month, thousands of responders spanning Engineering, Product, and Support utilize incident.io to restore services with greater speed, maintain alignment under pressure, and prioritize impactful development.
We are a rapidly expanding and ambitious team that is deeply committed to our clients, product excellence, and creating exceptional experiences. With $100M raised from leading investors such as Index Ventures, Insight Partners, and Point Nine, along with insights from founders and executives of renowned tech firms, we are poised for significant growth.
The Team
Our Commercial division is one of the most dynamic sectors within incident.io, catering to early-stage startups and mid-market companies across North America. We are accelerating our growth in this area by expanding our workforce, increasing Annual Contract Value (ACV), and developing a scalable, high-velocity sales strategy.
If you are enthusiastic about selling innovative SaaS solutions with robust product-market fit and enjoy collaborating with a vibrant team to make a tangible difference in how organizations manage critical incidents, you will thrive here.
As an Account Executive, you will leverage advanced tools such as Salesforce for CRM, LinkedIn Sales Navigator for lead generation, HubSpot for marketing automation, and Omni for analytics and reporting.
About incident.io
incident.io is the foremost AI-driven incident response platform, designed to assist teams in significantly decreasing incident response times and enhancing reliability. Our platform integrates on-call management, incident response, AI SRE, and status updates, providing teams with the essential tools needed to respond swiftly, minimize downtime, and keep customers informed.
Since our inception in 2021, we have empowered over 1,500 companies, including Netflix, Airbnb, and Block, managing more than 500,000 incidents. Each month, tens of thousands of responders across Engineering, Product, and Support utilize incident.io to restore services efficiently, maintain alignment under pressure, and concentrate on delivering value.
Our rapidly expanding team is driven by ambition and a profound commitment to our customers, product excellence, and creating exceptional experiences. We have successfully raised $100M from Index Ventures, Insight Partners, and Point Nine, alongside founders and executives from leading technology firms.
The Team
As a Business Development Representative, you will be at the forefront of our growth strategy, initiating essential conversations with prospective customers. Your role is not merely to introduce incident.io, but to create memorable first impressions and pave the way for enduring partnerships.
Our BDRs are the driving force behind our sales pipeline, engaging with high-potential prospects through various channels and propelling our sales momentum. With strong early results, we are poised to rapidly scale this initiative.
Joining us at this moment means taking on a high-impact role where your contributions will shape our sales strategy, bolster our go-to-market efforts, and drive growth across the company. You will collaborate closely with Account Executives and sales leaders to make a tangible and lasting impact.
Full-time|$187K/yr - $240K/yr|Hybrid|New York, New York, USA
The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture. At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.
Join our dynamic Global Safety and Security team at DoorDash, where we prioritize the protection of our people, assets, and brand. As an integral part of our organization, you will play a vital role in managing safety and security risks using innovative technology and a people-first approach. We are committed to being proactive, offering support whenever and wherever needed.
About the Role
As the Critical Incident Response Team (CIRT) Agent, you will be at the forefront of DoorDash's emergency response initiatives. Your responsibilities will include real-time monitoring, triage, and response to incidents affecting our global workforce and operations. You will analyze alerts, coordinate response efforts, and escalate matters according to our Global Safety & Security protocols.
This position is critical in ensuring swift, informed, and coordinated actions during emergencies such as natural disasters or workplace incidents. Collaborating closely with regional and global partners, you will help safeguard our employees and ensure seamless operations around the clock.
Key Responsibilities
Security Operations & Monitoring
- Monitor and evaluate alerts from global intelligence, safety, and security systems to identify potential threats.
- Conduct patrols to assess behavioral escalations or concerns.
- Perform routine checks of lobbies and facilities to ensure safety and compliance.
- Inspect doors, cameras, and access points regularly.
Access Control & Visitor Management
- Oversee employee and guest badging processes, including badge printing and access level assignments, with experience in systems such as Genetec or Lenel S2 being a plus.
Incident Response & Safety
- Triage incidents, assessing severity and escalation needs per CIRT procedures.
- Serve as the first point of contact for incident management.