At Arctic Wolf, you will not just watch the cybersecurity industry evolve – you will help lead the change. Our global team is made up of people who thrive on solving complex problems, moving quickly, and building technology that protects organizations around the world. We are proud to be recognized by Forbes, CNBC, Fortune, CRN, Gartner Peer Insights, and International Data Corporation MarketScape. What matters most is the work behind these recognitions: delivering real outcomes for customers through award-winning innovation such as our Aurora Platform.
If you are looking for meaningful work, smart teammates, and the opportunity to make a real impact in a high-growth company that is redefining security operations, Arctic Wolf is the right place for you.
Our mission is simple: End Cyber Risk.
We are looking for a Manager, Threat Research (Adversary Emulation) to help achieve this mission.
The Manager, Threat Research will contribute to our Arctic Wolf Labs organization by leading a team focused on adversary emulation, threat research, and detection development. This team is responsible for simulating real-world adversary techniques in controlled environments and developing high-quality detection content based on host, network, cloud, and identity telemetry.
This role combines technical leadership, people management, and strategic planning to ensure the successful delivery of innovative detection capabilities that strengthen Arctic Wolf’s ability to identify and respond to emerging threats.
IN THIS ROLE, YOU WILL:
Lead and manage a team of threat researchers and detection developers responsible for adversary emulation and detection content developmentPartner with Product Management, Security Services, Engineering, and Arctic Wolf Labs leadership to define priorities and execute against strategic roadmapsDevelop and deliver high-quality detection content across endpoint, network, cloud, and identity attack surfacesGuide the team in conducting adversary emulation activities to identify detection gaps and improve security coverageSupport the team by providing technical direction, removing obstacles, and ensuring alignment with organizational objectivesExecute and deliver against product and research roadmaps while contributing to longer-term strategy and planningCollaborate with architects and engineering leaders to define and execute technical initiatives and platform improvementsOversee the full software development lifecycle, ensuring quality, scalability, and operational excellenceDrive development of anomaly-based and behavior-based detections with a focus on efficacy, performance, and customer valueEnsure compliance with information security management system requirements, secure coding standards, and acceptable use policiesEstablish and maintain strong relationships with stakeholders across product management, security operations, engineering, and customer-facing teamsDrive continuous improvements in development processes, detection quality, automation, and team effectivenessMonitor team performance, delivery metrics, and project execution to ensure successful outcomesLead recruitment efforts and workforce planning activities to support team growthManage team budgets, training investments, conference participation, and other administrative responsibilitiesRepresent Arctic Wolf through technical leadership, industry engagement, and knowledge-sharing initiatives where appropriateYOU WILL BE SUCCESSFUL IN THIS ROLE IF:
You have 6 or more years of experience in cybersecurity with a focus on threat research, threat detection, detection engineering, or signature developmentYou have at least 3 years of experience leading technical teams within cybersecurity, threat research, penetration testing, or related disciplinesYou have experience developing detection content using host, network, cloud, and identity telemetryYou possess strong knowledge of Windows internals, Windows event logging, and Sigma rule developmentYou have experience working with cloud and identity telemetry, including Amazon Web Services CloudTrail, Microsoft Azure Activity Logs, identity providers, application programming interface activity logs, and email security telemetryYou have strong understanding of network protocols, network security architecture, and network monitoring technologiesYou have experience with intrusion detection and prevention systems, threat intelligence platforms, and Suricata rule developmentYou are proficient in scripting languages such as Python, Bash, or PowerShellYou have experience working with Security Information and Event Management platforms such as Splunk, Elasticsearch, or similar technologiesYou have demonstrated success developing, tuning, and optimizing anomaly-based and behavior-based detectionsYou have experience leading agile software development teams and delivering complex technical projectsYou have a proven history of technical influence through public speaking, research publications, community contributions, or industry engagementYou are passionate about mentoring others and helping detection engineers and researchers develop their technical capabilitiesYou possess strong communication, organizational, and stakeholder management skillsNice to Have:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related fieldProfessional cybersecurity certifications such as Certified Information Systems Security Professional, eLearnSecurity Junior Penetration Tester, Offensive Security Certified Professional, or Offensive Security Certified ExpertExperience conducting adversary emulation, red team, or purple team activitiesExperience working within managed detection and response or security operations environmentsExperience scaling threat research and detection engineering programsWHAT SUCCESS LOOKS LIKE:
Delivery of high-quality detection content that improves Arctic Wolf’s security coverage and customer outcomesSuccessful execution of adversary emulation initiatives that identify detection opportunities and strengthen defensesConsistent achievement of roadmap commitments and team objectivesHigh-performing teams that are engaged, motivated, and continuously developing their skillsMeasurable improvements in detection efficacy, detection quality, and operational efficiencyStrong collaboration across Product Management, Security Services, Engineering, and Arctic Wolf Labs teamsSuccessful recruitment, onboarding, and development of technical talentContinuous improvement of research, development, and detection engineering processesDo not meet all the requirements? That is okay. We still encourage you to apply. We have many opportunities and are always looking for strong talent.
On-Camera Policy
To support a fair, transparent, and engaging interview experience, candidates interviewing remotely are expected to be on camera during all video interviews. Being on camera fosters authentic connection, improves communication, and allows for full engagement from both candidates and interviewers. We understand that technical, bandwidth, or location-related challenges may occasionally prevent video use. If this applies, candidates are required to notify us in advance so we can explore appropriate accommodations.
At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace United States, Best Places to Work United States, Great Place to Work Canada, Great Place to Work United Kingdom, and Kununu Top Company Germany. Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 10,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand and enhance our technology, Arctic Wolf remains a trusted name in the industry.
Our Values
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion and value the unique perspectives all employees bring to the organization. By protecting sensitive data and working to end cyber risk, we contribute to an industry that serves the greater good.
We celebrate diverse perspectives through our Pack Unity program and encourage employees to participate in or create new alliances.
We also believe in corporate responsibility and have joined the Pledge One Percent movement to give back to our communities.
All employees receive compelling compensation and benefits packages, including:
Equity for all employeesFlexible annual leave, paid holidays, and volunteer daysTraining and career development programsComprehensive private benefits plan including medical insurance for you and your family, life insurance equal to three times compensation, and personal accident insuranceFertility support and paid parental leaveArctic Wolf is an equal opportunity employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under applicable law. We are committed to fostering a welcoming, accessible, and inclusive environment.
Security Requirements
Conduct duties in accordance with Arctic Wolf information security policies, standards, processes, and controlsBackground checks are required for this positionThis role may require access to information protected under United States export control laws and regulations