Vice President, Threat Detection & Response

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24/7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers' protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

Threat Detection & Response (TD&R) is the operational core of the Huntress customer value proposition. This business unit spans our Security Operations Center (SOC) / Security Analysis, Security Triage, Tactical Response, Detection Engineering & Threat Hunting (DE&TH), and Adversary Tactics teams. As the executive leader for this entire ecosystem, you will give the team a clear multi-year direction, strategy, and vision. You are not here to inherit a pre-made plan or just manage daily execution. You are expected to show up with an outcome-obsessed approach to build consensus, map out the strategy, and execute through your leadership bench.

Your discretionary time will be devoted to organizational design, culture, and alignment across the company. You will partner closely with Product, Engineering, Innovation, Data, Support, and Sales to evolve our SOC into an agentic operating model. Repetitive, deterministic investigations will move to automated workflows, freeing your analysts to focus their brilliant human security judgment on complex intrusion analysis. Success means balancing operator rigor, strategic judgment, and organization-building discipline to protect all businesses.

• →

  Lead the entire TD&R function across all sub-departments, taking deep personal ownership of strategic bets, organizational structure, and measurable business outcomes. (Outcome-Obsessed)

• →

  Own the long-term TD&R system design rather than day-to-day queue management, empowering your directors and managers to run with absolute clarity.

• →

  Partner with Product and Innovation teams to execute a credible agentic SOC roadmap, proving that you give more than you take by creating extreme value and building deep trust across internal teams. (Give More Than We Take)

• →

  Drive measurable threat detection and response outcomes, including mean time to detect and respond (MTTx), detection coverage, quality, and operational consistency.

• →

  Lead the major change management and cultural shifts required for the agentic SOC transition, using open candor to address dissent publicly, eliminate toxicity, and build analyst trust through transparency. (Candor)

• →

  Spot systemic operational bottlenecks, tool friction, or analyst burnout risks, and build the solutions yourself without waiting for a formal invitation or permission. (Give a $h*t)

• →

  Build a resilient, unshakeable leadership bench of senior directors and managers who can navigate high-pressure incidents and operational chaos with a calm warrior spirit. (Warrior Spirit)

• →

  Prioritize fast innovation and high-impact security wins, making decisions based on available frontline signals and iterating rapidly to stay ahead of evolving threat actors. (Perfect Imperfection)

• 10+ years of experience leading modern security operations, threat detection and response, incident response, threat hunting, or closely related cybersecurity functions.

• 5+ years of experience leading through other managers and directors across a multi-functional business unit, not just managing a single execution workflow.

• Proven success in creating and executing a strategic plan for a major security function with full accountability for organizational design and resource decisions.

• Strong business judgment and an intellectual honesty that connects security metrics to customer retention, margin, and company growth.

• A clear, technical point of view on where automation scales security operations and where human judgment must remain primary.

• Demonstrated ability to build leadership depth, cultivate a healthy and accountable team culture, and communicate complex technical risks in plain language to board members and executive teams.