Manager, Detection & Incident Response

We're seeking a skilled and detail-oriented technical leader to own the day-to-day operations of our Detection and Incident Response team. You'll be responsible for driving our SIEM and SOAR capabilities and incident response program, partnering with teams throughout Squarespace to improve how we spot and respond to threats.

Key responsibilities include:

• Contributing to define, collect, and analyze security KPIs and KRIs for the security organization.
• Developing and implementing a comprehensive detection and response strategy and roadmap aligned with Squarespace's overall business objectives and risk appetite.
• Overseeing the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting.
• Owning the health and effectiveness of the SIEM and SOAR platforms, ensuring high-quality data ingestion, alert tuning, and automated response logic.
• Establishing and maintaining a robust incident response program, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.
• Designing and leading regular tabletop exercises to test the organization's readiness for various incident scenarios.
• Serving as the Incident Commander for major security events, coordinating with teams such as Legal, Communications, and HR to ensure clear internal communication and regulatory compliance.
• Identifying, evaluating, and implementing new security technologies and tools to enhance detection, prevention, and response capabilities.
• Driving continuous improvement of security operations processes through automation, tooling, and best practices.
• Staying abreast of emerging security threats, vulnerabilities, and industry trends and proactively advising leadership on necessary adjustments to strengthen Squarespace's security posture.
• Building, mentoring, and leading a high-performing team of security professionals, fostering a culture of continuous learning, collaboration, and accountability.
• Acting as a key liaison and trusted advisor to internal stakeholders on security-related matters.
• Managing relationships with external security vendors and partners, ensuring effective service delivery and technology adoption.

Requirements include:

• A bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7+ years of experience in cybersecurity, with at least 2 years in a leadership or team-lead role.
• Deep expertise in Incident Response and Detection Engineering.
• Strong knowledge of cloud security operations, specifically within AWS or GCP environments.
• Hands-on experience managing and tuning SIEM and SOAR platforms.
• Experience automating security workflows and incident response playbooks to reduce manual effort.
• Familiarity with security frameworks such as MITRE ATT&CK and NIST.
• Excellent communication skills with the ability to lead technical teams during high-pressure incidents and explain complex threats to non-technical stakeholders.
• Knowledge of software development, design, and technical operations.

Benefits include:

• Health insurance with 100% covered premiums for you, your spouse or partner, and your dependent children.
• Life and income protection.
• Fertility and adoption benefits.
• Headspace mindfulness app subscription.
• Global Employee Assistance Program.
• Pension benefits with employer match.
• Flexible paid time off.
• 26 weeks paid maternity leave and 12 weeks paid paternity leave.
• 2 weeks paid family care leave.
• Education reimbursement.
• Employee donation match to community organizations.
• 7 Global Employee Resource Groups (ERGs).
• Free lunch and snacks.
• Close proximity to cultural landmarks such as Dublin Castle and St. Patrick's Cathedral.