Security Detection

Would you like to use your security operations expertise and development skills to help transform our Security Operations Center into a leading practice SOC with extended integrations and automation at the world’s largest jewelry brand?

At Pandora we have combined all our tech, digital and data talents to accelerate and drive Pandora’s digital journey. As we are in the process of revamping the digital landscape and strengthening our cyber security posture, we are growing our digital team and searching for a Security Detection and Response Manager to join our growing Cyber Security Operations team who can help us on this journey.

Position:

As the Security Detection and Response Manager, you will be the key link between our internal security operations engineering team and our external SOC analysts. You will play a crucial role in optimizing detection and incident response across the organization. Additionally, you will be responsible for advancing the orchestration and automation of investigations and response actions to the next level.

Having spent the last few years building and refining our technology infrastructure, processes, and playbooks for security operations, we are now seeking an experienced incident manager. This person will drive continuous improvement and facilitate daily collaboration between the SecOps internal engineering team and the external SOC. The role also involves working closely with detection engineering to ensure our detection capabilities align with incident response strategies. We are looking for someone who excels in process creation, documentation, and optimization — not just on paper, but by leveraging our cutting-edge technology tool stack.

You will take charge of coordinating and directing the external SOC team, ensuring effective and seamless incident management and daily cooperation. Moreover, you will be responsible for identifying gaps and areas of improvement in the technologies supporting detection creation and incident management, and you will work with the wider team to enhance these systems. As the internal authority on security incident response, you will act as the primary voice toward our external SOC, ensuring alignment with our ambitions and goals.

You will report directly to the Director of SecOps, with a primary focus on managing the relationship and coordination with the external SOC while driving collaboration with internal engineering teams.

You will be part of an on-call rotation to handle escalations and critical security incidents outside of regular business hours. This is a shared responsibility across the entire SecOps team to ensure swift and effective response to urgent issues, minimizing the impact on the organization.

Key Responsibilities:

• Incident Management & Response : Own the end-to-end process for managing and responding to security incidents, ensuring timely detection, containment, and eradication.
• Support Detection Engineering : Collaborate with internal engineering teams to enhance detection mechanisms, ensuring alignment between detection strategies and incident response.
• MSSP Coordination : Act as the primary point of contact with the external MSSP SOC, ensuring they are properly tasked and guided on incident response activities, escalations, and required actions.
• Process & Engineering Mindset: Identify unmet or unknown gaps in processes and supporting technology related to security incident management, and apply a process-driven and engineering-focused approach to design and implement improved versions of these processes, ensuring continuous enhancement of incident management effectiveness.
• Operational Data Analysis : Utilize operational data from our platforms and interpret feedback from the external SOC to identify and implement improvements in logging, detection, and response actions.
• Incident Reporting & Documentation : Produce documentation of incidents, including timelines, root cause analysis, and lessons learned. Additionally, support the design and implementation of reporting mechanisms to enable data-driven continuous improvement in incident management processes.
• Incident Response Preparedness : Maintain and regularly update incident response plans, align dependencies, and ensure the execution of recurring testing to validate the effectiveness of response actions, ensuring the organization remains prepared for potential security incidents.
• Post Incident Review : Conduct detailed post-incident reviews, analyze response effectiveness, and identify areas for process improvement.
• Training & Awareness : Provide training and guidance to the IT and Security teams on incident management processes, tools, and best practices.

Skills & Qualifications:

• 3+ years of experience working in a cybersecurity operations center or incident management function(s).
• Experience working with SOC teams, including tasking and managing external MSSP teams, and using incident response tools such as SIEM, SOAR, and EDR.
• Experience with incident response frameworks and methodologies, such as NIST, SANS, or similar.
• Experience in process improvement, with a focus on documenting, refining, and enhancing security incident management workflows.
• Proven experience in proactively identifying and improving tooling and processes.
• Strong understanding of network protocols, operating systems, and security technologies.
• Solid understanding of cloud infrastructure, and container-based platforms.
• Ideally, demonstrated experience developing code and automation using Python, PowerShell, or similar.
• Strong quantitative and analytical skills in data manipulation.
• Excellent communication skills, with the ability to effectively convey complex technical issues to non-technical stakeholders.
• Ability to remain calm under pressure and manage multiple incidents concurrently.