Lead - Detect & Response

Role Purpose: 

This role leads Jumio’s Detect and Respond function: responsible for incident response, threat detection, and cyber defense operations across cloud, endpoint, and identity systems. The goal is to strengthen Jumio’s ability to detect, respond, and recover from cyber threats quickly and effectively, while fostering a culture of proactive security across the company.

Role Value: The role directly supports Jumio’s trust, resilience, and compliance goals. By improving detection capabilities, automating response processes, and reducing incident impact, this position helps protect customer data, business operations, and the overall reputation of the company.

Example Responsibilities

• Own and evolve the overall Detect & Respond strategy—influencing technology, engineering, and managed service partners to advance Jumio’s security posture.
• Lead the 24×7 Security Operations Center (SOC) and govern the end-to-end incident response lifecycle (prepare → detect → contain → eradicate → recover → lessons learned).
• Manage external IR retainers, vendors, and threat intelligence services, ensuring relevant intelligence is contextualized and acted upon.
• Oversee detection engineering and threat hunting across Panther SIEM, CrowdStrike Falcon, and Okta/AWS telemetry.
• Support the creation, maintenance, and embedding of incident response playbooks and escalation processes.
• Ensure all D&R controls, processes, and automations operate effectively and are continuously improved.
• Lead security crisis simulations, tabletop exercises, and post-incident reviews to improve organizational readiness.
• Interface with Engineering, IT, and Product teams to guide security design, response preparedness, and operational controls.
• Track and report KPIs/KRIs (e.g., MTTD, MTTR, detection coverage %, incident closure rate, SIEM ingestion efficiency).
• Identify, document, and report risks to the CISO and executive stakeholders.
• Manage CSIRT relationships, escalation protocols, and cross-team coordination during major incidents.
• Oversee and support penetration testing, vulnerability management, and red/purple team exercises.
• Drive security awareness, empower people, and promote a positive cybersecurity culture across teams.
• Ensure lessons from incidents and exercises feed back into improved detections, playbooks, and training.

Experience and Qualifications 

• 8 years of Experience in Cybersecurity Operations, DFIR, Threat Detection, or SOC leadership, with experience in leading teams.
• Proven success in designing and implementing unified detection and response programs across cloud, endpoint, and identity environments.
• Experience leading investigations against Advanced Persistent Threats (APT), malware, and targeted attacks.
• Deep understanding of AWS Security (CloudTrail, GuardDuty, IAM, KMS, S3, Lambda, EKS) and CrowdStrike Falcon (EDR, CNAPP, Identity, DLP).
• Strong background in SIEM engineering (Panther), threat hunting (KQL/Sigma), and automation using Python.
• Practical experience with incident management, digital forensics, and data breach response.
• Working knowledge of MITRE ATT&CK, ISO 27001, SOC2, and PCI DSS frameworks.
• Experience managing and optimizing partnerships with third-party security providers and MSSPs.
• Excellent analytical, communication, and leadership skills with a structured, hands-on approach.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC preferred.
• Fast learner, adaptable, and capable of operating in a global, fast-paced, and collaborative environment.

Key Characteristics and Attitudes 

In a recent global survey these attributes were valued by Jumios in all locations and functions - we firmly believe in hiring for attitude as well as skill. 

• Friendly and supportive
• Adaptable and flexible
• Articulate and persuasive
• High IQ and EQ
• Curious and coachable
• Commercially Aware
• Resilient and tenacious
• Big picture and the detail

Jumio Values 

• IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation

Progression
This is an opportunity to shape a global capability from the ground up. The role will move from a senior, hands-on, contributor into a team lead. Continual learning is highly encouraged at Jumio, especially within security where up to date skills and qualifications are highly valued. 

@Work
Our newest office, Jumio is next to Walmart Labs in Helios Business Park and growing fast. A hub of technical excellence with Machine Learning enablement at its core the engineers and team are committed to learning and innovation.

Company 
Jumio is the future for online and mobile ID verification. We are the largest and fastest growing company in the ID verification space. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others. 

Equal Opportunities 

Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.