[Hiring] Head of Cyber Defense @Mitiga

Role Description

We’re looking for an exceptional Head of Cyber Defense to join our growing global team at Mitiga.

This is a senior player-coach role - combining deep technical expertise in cloud, SaaS and AI security with a strong customer-facing presence. You'll lead Mitiga's managed CDR service, drive intelligence-led threat hunting, and conduct forensic investigations across cloud, SaaS, AI and identity environments. Sitting within Engineering, you'll work closely with R&D and Product to drive automation and AI adoption, building detection and response capabilities that scale beyond manual operations. US-based leadership is intentional: Mitiga's enterprise customers require direct engagement, rapid escalation, and executive-level communication in their time zones.

What You'll Do:

• Managed CDR: Monitor, triage, and respond to detections across cloud, SaaS, AI and identity; own customer-facing communication during active events within defined SLAs; maintain 24/7 team readiness.
• Threat Hunting & Research: Design and lead intelligence-driven proactive hunting campaigns (MITRE ATT&CK, CISA, vendor intel); translate findings into platform-native automated detections; contribute published research and threat reports.
• Incident Response: Personally lead S1/S2 forensic investigations end-to-end: scoping, evidence collection, analysis using Mitiga's Helios AI platform, attribution, and executive-quality reporting.
• Customer & Commercial Engagement: Serve as the primary technical authority for enterprise customers; support sales cycles, QBRs, and EBRs; surface field-observed detection gaps to Engineering with context and accountability.
• Automation & AI: Identify toil across CDR, hunting, and IR workflows; partner with Engineering to systematically automate; champion agentic SOC tooling and LLM-assisted triage.
• Team & Thought Leadership: Hire, develop, and retain a global team of 5 analysts, responders, and hunters; represent Mitiga at industry events; author blog posts and threat intelligence content grounded in real operational depth.

Qualifications

• 8+ years of hands-on experience in cloud incident response, threat hunting, or security operations.
• Deep cloud and SaaS expertise: AWS, Azure, GCP, Salesforce, GitHub, Okta, Microsoft 365, Google Workspace.
• Strong command of attacker TTPs (MITRE ATT&CK for Cloud/SaaS), forensic analysis, and log-based investigation methodology.
• Experience designing detection logic, hunting playbooks, or automation workflows — not only executing them.
• Proven track record of direct, high-quality customer engagement with both technical practitioners and C-suite stakeholders.
• Experience managing and mentoring a team; ability to build operational process and culture from an early foundation.

Requirements

• Conference presentations, published research, or media coverage in cloud/AI/SaaS security.
• Hands-on experience with Python, KQL, SPL, or Databricks for investigative data analysis.
• Experience implementing AI-assisted tooling or agentic workflows in a security operations context.
• Background working within or alongside a high-growth security vendor.

Benefits

• Benefits package including health insurance (medical, dental, vision).
• 401k plan with match.
• Unlimited PTO.
• Cell phone charges reimbursement.
• Top-of-the-line equipment.
• And more.

Company Description

Mitiga preemptively detects and stops attacks before damage is done. Mitiga moves your security beyond configuration-focused prevention. In today’s cloud-first, AI-driven world, attackers inevitably get in. Mitiga promptly stops them. Our platform connects Cloud, SaaS, AI, and Identity into one panoramic forensic system that gives SecOps total awareness, attack decoding, and autonomous containment. The result: attacks stop mid-flight, investigations are instant, and impact disappears. We replace the false promise of “zero breach” with a promise we can keep - Zero Impact. When attackers get in, Mitiga ensures they get nothing.