The Director of Engineering for Threat Detection & Response at Worldwide Flight Services is a senior cybersecurity leader responsible for global security tool engineering and incident operations. This remote position requires extensive experience in threat management and incident response, focusing on safeguarding data and systems.
About WFS Join our Worldwide Flight Services family and contribute to the timely delivery of cargo shipment, luggage, business to customer delivery, and on-time flights while operating safely and securely. We perform at the highest level for our customers every day, and strive to be an exceptional leader in our industry with our teams of cargo, passenger, ramp handling, and technical service experts in 164 airport locations, 18 countries, and on 5 continents. Are you ready to take off on your next career with us? Job Summary The Director Engineering, Threat Detection and Response is a senior cybersecurity leader responsible for both security tool engineering and security incident operations on a global scale. Responsibilities • Lead the organization's global security engineering, threat detection, and incident response function, ensuring alignment with cybersecurity program objectives, regulatory compliance, and operational needs. • Develop and maintain the threat detection and incident response program strategy, operational readiness (table-top exercises, purple team testing), and metrics. • Lead the operational practices that identify cyber threats, vulnerabilities, and design countermeasures to safeguard protected data and systems. • Lead proactive threat hunting initiatives to identify and mitigate hidden vulnerabilities or evolving risks through a combination of internal expertise and 3rd party partners. • Develop cybersecurity analysts' skills to hunt malicious indicators, TTPs, network communications and behavior to close detection gaps. • Manage the portfolio of security technologies and tools (e.g., SIEM, EDR, IDS/IPS, SOAR, firewalls, identity management platforms). • Oversee the lifecycle management of security tools - from initial deployment and configuration through tuning, integration, scaling, and eventual decommissioning or replacement. • Ensure that security tooling and infrastructure are effectively protecting on-premises and cloud environments at scale. • Lead, mentor, and develop a distributed team of cybersecurity engineers and incident responders. • Foster a culture of innovation and continuous improvement within the team. • Provide comprehensive reporting and dashboards to executive stakeholders, demonstrating program effectiveness, and areas for enhancement. Minimum Requirements • Bachelor's Degree Required. • Currently hold cybersecurity certifications such as GIAC GCIH, CEH, CISSP, and others preferred. • Ongoing commitment to training and professional development in cybersecurity (through conferences, courses, and certifications) to stay current with industry best practices. • Minimum of 15 years experience equivalent threat management & incident response experience. • Threat Detection & Analysis (leveraging SIEM tools, IDS/IPS, endpoint detection, log analysis, etc.). • Incident Response & Management (developing response plans, executing playbooks, forensic investigations, root cause analysis). • Threat Hunting (identifying undetected threats through proactive analysis and hypothesis-driven investigation). • Security control engineering and the interoperation between tools across domains (e.g., integrating EDR with SOAR). • Network Security (TCP/IP protocols), firewalls, intrusion prevention systems, and network traffic analysis. • Security Orchestration, Automation & Response (SOAR) platforms for streamlining detection and response processes through scripting/automation for log analysis, threat correlation, and incident triage tasks. • Operating System and Cloud Security (securing environments including Windows, Linux, AWS, Azure, GCP, and hybrid infrastructures). Preferred Skills • Knowledge of regulatory frameworks (e.g., GDPR, NIST CSF, ISO 27001) and how incident response ties into compliance requirements. • Ability to translate technical findings into actionable insights for stakeholders at all organizational levels. • Proficiency in turning security KPIs (e.g., MTTD, MTTR, detection coverage) into clear dashboards and executive briefings using platforms such as Power BI, Grafana, or Tableau, enabling data-backed program decisions. • Level-headed and process focused. • Detail-oriented and organized. • Proactive and curious (keep up with the evolving threat landscape). • Collaborative and diplomatic (ability to partner with a global team is key). • Adaptable and resilient. • Accountable and results-focused. • Establish and monitor KPIs such as detection coverage, mean time to detect (MTTD), mean time to respond (MTTR), and other metrics to enhance the organization's threat detection, response, and incident resolution rates. • Minimal international travel for team alignment and incident retrospectives. Physical Requirements/Working Conditions • Minimal international travel for team alignment and incident retrospectives (~10%). • Some domestic travel for project rollouts and NA IT group meetings (~10%). • Remain in a stationary position 50% of the time. • Constantly operates a computer and other office productivity machinery. • Handle/grasp documents or office equipment. • Sit and/or stand for short or extended periods. • Work in an office environment using standard office equipment. • Talk, listen, and speak clearly on the telephone. Perks & Benefits • Want your pay in advance? Access your pay when you need it through DailyPay app! • Are you a top performer who thrives on recognition? On the spot awards offered through the Awardco Platform including gift cards and more! • Need quality medical care? Multiple options for both full and part-time employees! • Want WFS Employee Extras? Travel Discounts, Pet insurance, Discount Shopping & More! • Looking to stay healthy and improve your life? Wellness Programs offered to all employees! • Want to invest in your future? 401k program offered with company match! • Looking to grow and have a career with us? Opportunity for Internal Mobility and transfers available! WFS is an equal opportunity employer committed to employment equity and inclusion. We accept applications from all qualified individuals.
The Director of Engineering for Threat Detection & Response at Worldwide Flight Services is a senior cybersecurity leader responsible for global security tool engineering and incident operations. This remote position requires extensive experience in threat management and incident response, focusing on safeguarding data and systems.
GuidePoint Security is seeking an IGA Architect with Entra ID Governance experience for a fully remote position in the US. The role involves implementing and enhancing identity governance solutions.

The Director of Data Engineering and Architecture will lead the development of a modern data platform on Microsoft Azure for a global enterprise. This fully remote position requires extensive experience in data engineering, architecture, and cloud-native solutions.
SitusAMC is seeking a Sr. Security Operations and Engineering leader to oversee security operations and engineering efforts, ensuring robust cybersecurity measures. This remote role requires strategic thinking and strong leadership skills to manage a global team and enhance security posture.

UKG is seeking a Lead Data Scientist to drive data initiatives and analytics innovation in workforce management and human capital management. This role involves designing data pipelines, building predictive models, and mentoring junior data scientists.
The Director of Data Analytics Engineering at Empower Pharmacy leads the development of an enterprise-wide data analytics platform to enhance operational excellence and healthcare innovation. This role requires deep expertise in modern data technologies and a strong leadership background in data engineering.
The Director of Engineering for Threat Detection & Response at Worldwide Flight Services is a senior cybersecurity leader responsible for global security tool engineering and incident operations. This remote position requires extensive experience in threat management and incident response, focusing on safeguarding data and systems.
GuidePoint Security is seeking an IGA Architect with Entra ID Governance experience for a fully remote position in the US. The role involves implementing and enhancing identity governance solutions.

The Director of Data Engineering and Architecture will lead the development of a modern data platform on Microsoft Azure for a global enterprise. This fully remote position requires extensive experience in data engineering, architecture, and cloud-native solutions.
SitusAMC is seeking a Sr. Security Operations and Engineering leader to oversee security operations and engineering efforts, ensuring robust cybersecurity measures. This remote role requires strategic thinking and strong leadership skills to manage a global team and enhance security posture.

UKG is seeking a Lead Data Scientist to drive data initiatives and analytics innovation in workforce management and human capital management. This role involves designing data pipelines, building predictive models, and mentoring junior data scientists.
The Director of Data Analytics Engineering at Empower Pharmacy leads the development of an enterprise-wide data analytics platform to enhance operational excellence and healthcare innovation. This role requires deep expertise in modern data technologies and a strong leadership background in data engineering.
The Director of Engineering for Threat Detection & Response at Worldwide Flight Services is a senior cybersecurity leader responsible for global security tool engineering and incident operations. This remote position requires extensive experience in threat management and incident response, focusing on safeguarding data and systems.
GuidePoint Security is seeking an IGA Architect with Entra ID Governance experience for a fully remote position in the US. The role involves implementing and enhancing identity governance solutions.
The Director of Engineering for Threat Detection & Response at Worldwide Flight Services is a senior cybersecurity leader responsible for global security tool engineering and incident operations. This remote position requires extensive experience in threat management and incident response, focusing on safeguarding data and systems.