Senior Engineering Manager, Precision Defense

Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to enabling organizations to proactively find, fix, and verify exploitable attack vectors. The Senior Engineering Manager will lead the Precision Defense engineering teams, focusing on developing autonomous defenses and improving security controls using insights from the NodeZero platform.

Responsibilities:

• Lead the Precision Defense engineering teams
• Own and scale the engineering teams behind NodeZero’s Precision Defense capabilities
• Build and evolve honeypots, honeytokens, and other deception capabilities that detect real attacker behavior in production environments
• Codify emerging zero-day and n-day threats into tests, targeted checks, and content that proactively alerts customers when they’re exposed and guides fast mitigation
• Validate and improve endpoint detection and response (EDR), identity security, and data protection controls using attacker-validated evidence from NodeZero
• Integrate with SIEM/EDR/ITSM and other detection/control surfaces so NodeZero outputs can tune rules, close gaps, and continuously validate that defenses are working
• Build and lead an organization that closes the loop between offense and defense

Requirements:

• Proven experience leading multiple backend/platform or detection/defense teams, or an engineering org, in a SaaS, cybersecurity, or cloud-scale environment
• Track record of taking products from concept to market — including POCs, MVPs, launches, and iterative improvements — in partnership with Product and GTM
• Comfort operating in an environment with limited dedicated PM capacity, including helping define direction, shaping roadmaps, and setting technical priorities
• Demonstrated ability to manage concurrent initiatives and balance short-term delivery with longer-term platform and product investments
• Highly technical background with expertise in software development and B2B SaaS multi-product platforms
• Deep understanding of scalable backend architecture, data modeling, databases, and distributed systems
• Experience with data pipelines and ETL systems, including performance, reliability, and observability considerations
• Strong grasp of cloud infrastructure concepts (AWS, GCP, or Azure), DevOps, and resilience engineering
• Familiarity with modern detection and response concepts, including EDR, SIEM, threat detection rules, and detection engineering best practices
• Experience or strong interest in offense-informed defense approaches that combine exploitability, attacker behavior, and high-fidelity detections (e.g., tripwires, deception, targeted alerts)
• Comfort collaborating with offensive security, detection/defense, or security operations teams and translating attack paths into practical defensive controls
• Excellent written and verbal communication skills; able to explain complex technical and risk concepts to both engineers and non-technical stakeholders
• Experience working cross-functionally with designers, developers, product managers, customer teams, and GTM
• Strong documentation habits and a bias toward clarity, transparency, and alignment
• Creative, self-motivated, highly energetic, detail- and results-oriented
• “Learn-it-all” attitude, with curiosity about both offensive and defensive security domains
• Strong ability to identify procedural and architectural gaps, implement best practices, and empower teams to ship high-quality features at high velocity
• Bachelor's and/or Master's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience
• Extensive experience in technical leadership and architectural decision-making for complex systems
• Strong background in backend and/or platform engineering, with deep experience designing, scaling, and maintaining distributed systems
• Expertise in at least one modern programming language (Python strongly preferred; Go, Java, C++, or similar also relevant)
• Familiarity with ETL pipelines, data flow orchestration, and database performance optimization (e.g., PostgreSQL, Neo4j, or equivalent)
• Experience working with analytics- or graph-heavy workloads, especially where relationships between assets, identities, alerts, and vulnerabilities matter
• Solid understanding of cloud infrastructure and services (AWS, Azure, or GCP), including networking, compute, and storage fundamentals
• Exposure to infrastructure-as-code and deployment concepts (e.g., Terraform, Docker, Kubernetes, CI/CD tooling)
• Experience with observability and monitoring stacks (e.g., Prometheus, Grafana, Datadog, OpenTelemetry)
• Understanding of security and reliability best practices in a multi-tenant SaaS or cybersecurity environment
• Knowledge of Linux-based systems (e.g., Ubuntu, Kali) and modern development practices for distributed services