Nebius

Detection & Response Manager

Reposted Yesterday

Be an Early Applicant

Tel Aviv, ISR

In-Office

Senior level

Artificial Intelligence • Information Technology • Consulting

The Role

Lead and mature security operations including SOC, incident response, and automation. Manage red team activities and operationalize threat intelligence.

Summary Generated by Built In

About Nebius:

Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.

Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.

Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

Role Overview

Nebius is seeking a Detection & Response Manager to lead and mature our security operations and adversary defense capabilities.

This role owns SOC operations, incident response, red teaming, and security automation (SIEM & SOAR) across cloud, data center, and enterprise environments.

The ideal candidate combines operational excellence, threat-adversary thinking, and automation-first execution.

Key Responsibilities

Security Operations Center (SOC) Leadership

Own day-to-day SOC operations across cloud, data center, and corporate environments
Define detection strategy aligned to Nebius threat models and crown jewels
Ensure high-quality alerting, triage, escalation, and reporting
Continuously reduce false positives and alert fatigue

Incident Response & Crisis Management

Lead end-to-end incident response for high-severity security incidents
Own incident command during crises (technical, executive, and regulatory coordination)
Ensure post-incident reviews lead to real control improvements
Maintain and regularly test incident response playbooks

Red Team & Adversarial Testing

Manage red team and purple team activities (internal and external)
Translate real-world adversary TTPs into detection and response improvements
Ensure findings from red team exercises are remediated and verified
Partner with product, cloud, and physical security teams on attack simulations

SOC Automation (SIEM & SOAR)

Own SIEM and SOAR strategy, architecture, and roadmap
Drive automation of detection, enrichment, response, and reporting
Integrate identity, cloud, CI/CD, and physical security telemetry
Measure SOC effectiveness using MTTD, MTTR, and coverage metrics

Threat Intelligence & Continuous Improvement

Operationalize threat intelligence into detections and playbooks
Track emerging threats relevant to cloud, AI, and infrastructure providers
Continuously improve detection coverage against prioritized attack paths

What Success Looks Like (12 Months)

Measurable reduction in MTTD and MTTR for high-severity incidents
Majority of high-risk incidents detected internally, not externally
Red team findings consistently detected and contained
SOC automation meaningfully reduces manual effort
Clear, trusted security reporting to CISO and leadership

Required Qualifications

7+ years in security operations, incident response, or threat detection
Proven experience leading a SOC or incident response function
Strong experience with SIEM and SOAR platforms
Deep understanding of:

Cloud security
Identity-based attacks and detection
Endpoint, network, and application telemetry

Experience running or managing red team / purple team activities
Calm, decisive leadership under pressure

Preferred Qualifications

Experience in cloud service providers, hyperscale, or infrastructure companies
Familiarity with GPU / HPC environments or large-scale data centers
Experience with DORA, SOC 2, ISO 27001 incident requirements
Background in threat hunting or offensive security

Key Skills & Attributes

Adversary-minded: thinks like an attacker, not a tool operator
Automation-first mindset
Strong communicator during crises
Data-driven decision making
High ownership, low ego

Why Nebius

Defend one of the most advanced AI and GPU cloud platforms
Influence security architecture at scale
Operate at the intersection of cloud, physical infrastructure, and regulation
Build a modern, high-impact detection & response function

Benefits & Perks:

Competitive compensation
Career growth and learning opportunities
Flexibility and work-life balance
Collaborative and innovative culture
Opportunity to work on impactful AI projects
International environment and talented teams

What's it like to work at Nebius:

Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI

Equal Opportunity Statement:

Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire.

If you need accommodations during the application process, please let us know.