Expoint – all jobs in one place

KLA Cybersecurity Detection Engineering Manager 
United States, Michigan, Ann Arbor 
344255024

21.08.2025

This position will be responsible for developing the strategy for the Detection Engineering program and establishing metrics to demonstrate continuous improvement. The ideal candidate will possess expert-level knowledge in SIEM implementation and log ingestion, SOAR, along with leveraging Threat Intelligence to enable enhanced detection and Incident Response capabilities. Utilization of data-driven strategies, strong verbal and written communication, and leadership skills are a must for this role.

  • Define detection engineering strategy, roadmap, and objectives, aligning priorities with the Security Operations Center.
  • Manage and inspire a global team of cybersecurity engineers focused on supporting our Global Cyber Operations Team to monitor, optimize, and continuously improve detection systems for performance, scalability, and effectiveness.
  • Analyze historical and current KLA security data and red team/purple team activities to determine opportunities for custom rule creation or tuning of existing detections.
  • Collaborates with Security Operations Center (SOC) team to continuously build and tune detection capabilities to detect across identity, network, and endpoint monitoring platforms to drive down Mean Time to Detect and Respond (MTTD / MTTR).
  • Experience with supporting multiple security-related technologies, such as SIEM, SOAR, intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), or other cyber security tools.
  • Design and implement advanced threat detection techniques using tools such as SIEM, EDR, NDR, and SOAR platforms.
  • Manages and maintains SIEM/Data Lake data management and log ingestion infrastructure in collaboration with IT partners.
  • Partner with the Cyber Threat Intelligence team and leverage industry-standard MITRE frameworks to identify detection coverage and close gaps.
  • Maintains operational guidelines, diagrams, and documentation.
  • Lead continuous process improvement and ensure the team is identifying opportunities for automation and fusion of disparate sources of security findings.

Minimum Qualifications

  • Minimum seven (7) years in cybersecurity, including at least 2 years in a leadership or managerial role

  • Proven track record in incident detection, response, and threat hunting across complex, global environments.

  • Deep understanding of security technologies such as SIEM, SOAR, intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), or other cyber security tools.

  • Excellent leadership and interpersonal skills with the ability to influence and partner across both technical and non-technical teams.

  • Willingness to travel up to 25% domestically and internationally as business needs require.

or at +1-408-352-2808

. Please ensure that you have searched