Cybersecurity Detection Engineering Manager

KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem. Virtually every electronic device in the world is produced using our technologies. No laptop, smartphone, wearable device, voice-controlled gadget, flexible screen, VR device or smart car would have made it into your hands without us. KLA invents systems and solutions for the manufacturing of wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. The innovative ideas and devices that are advancing humanity all begin with inspiration, research and development. KLA focuses more than average on innovation and we invest 15% of sales back into R&D. Our expert teams of physicists, engineers, data scientists and problem-solvers work together with the world’s leading technology providers to accelerate the delivery of tomorrow’s electronic devices. Life here is exciting and our teams thrive on tackling really hard problems. There is never a dull moment with us.

• Define detection engineering strategy, roadmap, and objectives, aligning priorities with the Security Operations Center.
• Manage and inspire a global team of cybersecurity engineers focused on supporting our Global Cyber Operations Team to monitor, optimize, and continuously improve detection systems for performance, scalability, and effectiveness.
• Analyze historical and current KLA security data and red team/purple team activities to determine opportunities for custom rule creation or tuning of existing detections.
• Collaborates with Security Operations Center (SOC) team to continuously build and tune detection capabilities to detect across identity, network, and endpoint monitoring platforms to drive down Mean Time to Detect and Respond (MTTD / MTTR).
• Experience with supporting multiple security related technologies, such as SIEM, SOAR, intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), or other cyber security tools.
• Design and implement advanced threat detection techniques using tools such as SIEM, EDR, NDR, and SOAR platforms.
• Manages and maintains SIEM/Data Lake data management and log ingestion infrastructure in collaboration with IT partners.
• Partner with the Cyber Threat Intelligence team and leverage industry standard MITRE frameworks to identify detection coverage and close gaps.
• Maintains operational guidelines, diagrams, and documentation.
• Lead continuous process improvement and ensure the team is identifying opportunities for automation and fusion of disparate sources of security findings.

• Minimum seven (7) years in cybersecurity, including at least 2 years in a leadership or managerial role
• Proven track record in incident detection, response, and threat hunting across complex, global environments.
• Deep understanding of security technologies such as SIEM, SOAR, intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), or other cyber security tools.
• Excellent leadership and interpersonal skills with the ability to influence and partner across both technical and non-technical teams.
• Willingness to travel up to 25% domestically and internationally as business needs require.

Base Pay Range: $0.00 - $0.00 Annually Primary Location: USA-MI-Ann Arbor-KLA KLA’s total rewards package for employees may also include participation in performance incentive programs and eligibility for additional benefits including but not limited to: medical, dental, vision, life, and other voluntary benefits, 401(K) including company matching, employee stock purchase program (ESPP), student debt assistance, tuition reimbursement program, development and career growth opportunities and programs, financial planning benefits, wellness benefits including an employee assistance program (EAP), paid time off and paid company holidays, and family care and bonding leave.