Director, Threat Detection & Response

Director, Threat Detection & Response

North- Remote, US

What you'll be doing:

• Oversee the monitoring of security events and incidents to ensure timely detection, analysis, and response to ensure fraud and financial losses are prevented.

• Develop and lead Threat Hunting and Detection Engineering functions to implement proactive threat hunting and detection strategies that identify and mitigate potential threats to the payments ecosystem that could lead to financial or other losses.

• Develop and lead a Cyber Threat Intelligence function to identify and report on emerging threats and trends in the financial and payments industry.

• Develop and maintain Incident Response plans including playbooks and escalation procedures for fraud and financial crime scenarios.

• Conduct post-incident analysis (root cause analysis), oversee forensic investigations, and collaborate with various teams for a coordinated response and continuous improvement on the risk posture of North to prevent financial loss

• Lead tabletop exercises with senior management and executive leadership teams related to cyber risk and fraud.

• Provide leadership and direction to the team: Set clear goals, expectations, and priorities, ensuring alignment with overall company objectives. Foster a positive, collaborative, and results-driven team environment.

• Manage team performance and development: Oversee day-to-day activities, provide regular coaching and feedback, conduct performance reviews, identify training needs, and support career growth opportunities for team members.

What we need from you:

• Bachelor's degree in Computer Science, Cyber Security or related field.

• 10+ years of experience in Cybersecurity or related fields. (Threat Hunting, Malware Research, Red Teaming)

• Hands-on experience is critical for understanding the complexities and challenges of managing security incidents, hunting and detection across different environments.

• Strong background in cybersecurity domains including: Vulnerability exploitation detection; Malware identification and Reverse Engineering; security content and signature development

• Experience conducting hunts or incident response across networks, endpoints, cloud and application environments.

• Demonstrated ability to interpret and write automated scripts and programming code to support detection efforts.

• Working knowledge of TTPs used for EDR evasion, vulnerability and zero-day exploitation investigations (network, endpoint, application level).

• Proficiency and hands-on experience with Incident Response tools, protocols, and analysis techniques is crucial; including knowledge of:
  *Endpoint Detection and Response (EDR) tools;
  *Network and memory forensics;
  *Deep understanding of network protocols and network traffic analysis; familiarity with packet capture analysis;
  *Experience with log and SIEM analysis to detect malicious activity;
  *Proficiency in cloud platforms and their security tools and the ability to handle close-specific events and incidents;
  *How Artificial Intelligence (AI) and Machine Learning (ML) are used in threat detection and response.

• Ability to create detailed and clear incident reports for technical and non-technical stakeholders.

• Must have a deep understanding of cybersecurity principles, including knowledge of threats, vulnerabilities, and risk management. Should be familiar with various types of attacks, such as credential stuffing, ransomware, malware, phishing, and DDoS attacks, and how to respond to them.

• A thorough understanding of incident response procedures is crucial. This includes knowledge of how to identify an incident, assess its impact, contain it, eradicate the threat, recover from it, and conduct a post-incident lessons learned review.

• Knowledge of digital forensics to investigate security incidents. This includes understanding how to preserve evidence, analyze system logs, and conduct root cause analysis.

• Experience in identifying and leveraging cyber threat intelligence resources (reports, TTPs, IOCs, YARA rules, etc.) for response, detection and hunt.

• Knowledge of and practical experience with Kill Chain, Diamond and MITRE ATT&CK frameworks.

• Familiarity with developing and implementing disaster recovery plans to ensure business continuity in the event of a security breach is beneficial.

We prefer:

• Certifications such as GDAT, GCIH, GPEN, GCTI.

Salary Range: $175,000- $245,000

Pay within this range varies by work location and on job-related knowledge, skills, and experience. We look forward to discussing your salary expectations and our full total rewards offerings throughout the interview process.

What we offer: 

We offer a comprehensive benefits package that enables our teams to live a life well lived, both personally and professionally. Some of our perks include:

• Medical, Dental, & Vision Coverage

• Flexible Paid Time Off

• 401(k) + Match

• Mental Health Support & Well-Being Program

• Paid Maternity & Paternity Leave

• Education Assistance

• Company-funded Lifestyle Spending Account

Please note: North is a US based company and this role is not eligible for current or future sponsorship.

Let’s go North, together. 

Join our mission to build the largest suite of credit card processing and merchant services. It’s one simple payment platform backed by the most diverse payment companies. From credit card processing to back-office management, North points the way to smarter, faster, and just plain better payment solutions.

Who we are: 

North, and our family of companies, are committed to helping entrepreneurs grow their businesses. As an end-to-end payment solutions company, we provide everything business owners need to get paid, whether they serve customers in a physical storefront, online, or both. We pride ourselves on being large enough to offer customized solutions to our enterprise-level clients while remaining agile enough to take an award-winning, hands-on approach to personal service that our merchants won’t find anywhere else.

Let’s go North, together! Our most important resource is our people. Join our diverse team of innovators and do-ers and make your mark on the future of payments technology. We're proud to offer benefits that help our team members further their overall well-being through unique initiatives that are both personally and professionally fulfilling. 

At North, we celebrate diversity and create an inclusive environment for everyone. We are an equal opportunity employer.

To learn more about North, and our family of companies, visit our website: north.com