APi Group

Department: Technical Support

Employer Reference: P1-4040671-1

Location: New Brighton, Minnesota, US

Job Description

Global Cyber Security

Job title: Cyber Defense Team Lead

Work Location: New Brighton, MN

Reports to: Global Head of Cyber Defense Operations

Role Summary:

The Cyber Defense Team Lead is a key leadership role within our global Cyber Defense Operations function. This position leads our North American cyber defense team, supporting all businesses across the US and Canada while providing day-to-day guidance, technical oversight, and clear direction across incident response, security operations, and analyst development.

This role is an excellent opportunity for an experienced Senior Analyst who is ready to step into formal leadership as part of a long-term progression toward senior security leadership roles, including a potential future CISO path. You will bring strong technical credibility, calm decision-making, concise communication, and the ability to help shape how our cyber defense capability evolves.

Working closely with colleagues in the UK and France, you will ensure consistent global standards, deliver high-quality reporting, and drive continuous improvement across our operations.

Key Responsibilities:

  • Team Leadership and People Management. Lead and manage the North America Cyber Defense analysts, providing clear direction, coaching, and day-to-day support. Run regular 1:1s, development conversations, and performance reviews to build capability and maintain high standards. Foster a confident, collaborative team that delivers consistent operational results.
  • Incident Response Leadership. Serve as Lead Responder for security incidents, providing calm, structured decision-making under pressure. Lead post-incident reviews, ensure lessons learned are captured, and coordinate closely with IT, Legal, Audit, and the DPO where required. Oversee the on-call schedule and ensure high-quality incident execution across the team.
  • Security Operations and Technical Oversight. Act as the technical escalation point for analysts, providing guidance on complex investigations and ensuring high standards of analysis. Partner with our global MSSP to improve alerting, tuning, and automation, and drive continuous optimization across our security operations. Support alignment with UK and European teams to maintain consistency in processes and outcomes.
  • Metrics, Reporting and Briefing. Own the North America contribution to the global Monthly Security Operations Brief, ensuring data is accurate, timely, and clearly explained. Work closely with international counterparts to ensure a consistent global view of cyber defense performance.
  • NIST Cybersecurity Framework Progress. Support delivery of the organization’s NIST CSF targets. Track assigned actions, monitor progress, and ensure tasks are completed to the required standard. Coordinate remediation work across teams, remove blockers where possible, and provide clear, regular updates to leadership.
  • Business Collaboration. Work closely with colleagues in the UK and France to ensure consistent processes and shared standards across global Cyber Defense Operations. Build strong working relationships with engineering, IT, HR, Legal, Audit, and other stakeholders to support smooth incident response and operational alignment. Represent the North America team in global discussions and help drive coordinated improvements across regions.

Required Skills and Experience:

Essential:

  • Previous experience as a Cyber Security Analyst, either directly within a business or providing a service within an MSSP.
  • Strong incident response background with clear evidence of sound judgment under pressure.
  • Proven ability to lead, mentor or guide junior analysts in day-to-day investigations.
  • Clear and concise written and verbal communication skills, with the ability to brief both technical and non-technical audiences.
  • Ability to act as the technical escalation point for the security analysts for complex cases and operational decisions.
  • Experience with the Azure security stack (Defender, Sentinel, Purview) or comparable technologies such as AWS and other SIEM or SOAR at an advanced level.
  • Ability to work effectively with an MSSP and drive tuning, quality, and workflow improvements.
  • Strong analytical skills with the ability to produce actionable, insight-driven recommendations.

Highly Advantageous:

  • Experience with Azure Security, Microsoft Sentinel, or the broader Microsoft Defender ecosystem.
  • Knowledge of Entra ID, Purview, or related cloud security and governance tools.
  • Familiarity with KQL or equivalent query languages from platforms such as Splunk or Elastic.
  • Relevant certifications such as AZ-500, SC-200, GCIH, GCIA, GCED, or AWS Security credentials.
  • Experience contributing to or leading improvements in incident response processes, automation, or detection engineering.

Personal Attributes:

  • Calm and composed under pressure, with the ability to make balanced, evidence-based decisions.
  • Independent thinker who exercises good judgment and knows when to seek input from others.
  • Clear communicator who can distill complex issues into concise, practical actions.
  • Pragmatic, outcome-focused, and able to build trust with colleagues across technical and non-technical teams.

Benefits and Compensation:

This role will be based out of our New Brighton office. The pay range is $127,600 - $191,800, depending on job-related knowledge, skills, and experience. This position is eligible for annual bonus and profit sharing based on company performance in addition to other benefits that support the total well-being of you and your family. Some benefits include:

  • Comprehensive Insurance coverage, Medical, Dental, Vision, and more
  • Access to corporate fitness center
  • Wellness Program
  • 401K with employer match
  • Discounted company stock (Employee Stock Purchase Plan)
  • Profit Sharing
  • Generous paid time off
  • Growth opportunities through company sponsored leadership development courses and trainings

This position is not eligible for sponsorship.

All offers of employment are expressly contingent upon the satisfactory completion, in accordance with Company policy, of a pre-employment drug screening and background check.

© 2025 APi Group. All Rights Reserved. Powered by TalentHub.Jobs