Ciena is a global leader in high-speed connectivity committed to a people-first approach. They are seeking a hands-on technical leader to design, build, and operationalize a Detection Engineering capability across their product lines, ensuring products are more observable and defensible.
Responsibilities:
- Lead the design and implementation of Ciena’s Detection Engineering framework, covering logging, auditing, alerting, TTP-based detections, vulnerability exposure checks, and hardening compliance automation
- Define logging and telemetry standards for product teams, ensuring events are structured, consistent, and SIEM-ready
- Translate findings from Pen Testing, PSIRT, and Threat Intelligence into reusable, product-specific detections and alert packs
- Architect and maintain custom detection scripts and automation
- Develop metrics and dashboards to measure Mean Time to Detect (MTTD), detection precision, coverage, and compliance posture
- Partner with R&D, PLM, and Compliance teams to embed detection checkpoints into the product lifecycle and ensure regulatory alignment (NIST, ISO, EU CRA, NIS2, etc.)
- Mentor engineers on detection rule creation, data quality, and event design
- Present program progress and outcomes to senior leadership, security councils, and customer security reviews
Requirements:
- Strong experience in security engineering, telemetry, SIEM integrations, and detection content development
- Ability to bridge product development, PSIRT, and offensive security insights into actionable detections
- Excellent communication skills to interface with product managers, engineers, and executive stakeholders
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field
- 8+ years in security engineering, detection engineering, or product security
- Strong understanding of logging architectures, telemetry design, and SIEM technologies (Splunk, QRadar, Elastic, Sentinel, etc.)
- Hands-on experience with threat detection logic, MITRE ATT&CK mapping, and detection-as-code principles
- Proficiency in Python, JSON, and scripting for automation and data normalization
- Familiarity with NIST 800-53, ISO 27001, CIS Benchmarks, and industry regulatory requirements for logging and monitoring
- Experience working with vulnerability management, PSIRT processes, or red/blue team findings