Senior Manager, Threat Detection and Response

About the role: We are seeking an experienced and strategic cybersecurity leader to serve as our Sr. Manager of Cyber Threat Detection and Response. This role is responsible for leading detection engineering, threat monitoring, incident response coordination, and continuous improvement of security operations capabilities across the enterprise. The ideal candidate brings strong people leadership, deep technical expertise, and a proven ability to translate threat intelligence and operational data into effective detection and response outcomes. What you'll do: Lead and develop the cyber threat detection and response function, including analysts, detection engineers, and incident responders. Define and execute the roadmap for threat detection, alert tuning, threat hunting, and response process maturity. Oversee MSSP and internal development and optimization of high-fidelity detections across SIEM, EDR, identity, cloud, email, and network telemetry sources. Translate threat intelligence, adversary techniques, and incident learnings into actionable detection content mapped to frameworks such as MITRE ATT&CK. Direct incident response activities for high-priority cybersecurity events, including triage, containment, investigation, eradication, recovery, and post-incident review. Partner closely with security engineering, infrastructure, cloud, legal, HR, privacy, and business stakeholders to improve readiness and response coordination. Establish and monitor metrics such as mean time to detect, mean time to respond, and control effectiveness. Drive automation and orchestration initiatives that improve investigation speed, response consistency, and analyst efficiency. Maintain and mature playbooks, runbooks, escalation procedures, and executive reporting processes. Support audits, compliance activities, tabletop exercises, and security program reviews related to detection and response capabilities. What we'll expect you to have: 10+ years of experience in cybersecurity, with significant experience in threat detection, security operations, incident response, or threat hunting. 5+ years of people leadership experience managing technical security teams in a fast-paced environment. Strong experience with security platforms such as SIEM, EDR/XDR, SOAR, email security, identity monitoring, and cloud security tooling. Deep understanding of attacker tactics, techniques, and procedures, as well as detection engineering concepts and incident response methodologies. Experience building or maturing operational processes, dashboards, metrics, and cross-functional escalation models. Strong verbal and written communication skills with the ability to brief both technical teams and executive stakeholders. Working knowledge of cybersecurity frameworks and standards such as NIST, MITRE ATT&CK, CIS Controls, and incident handling best practices. Preferred Qualifications: Experience leading security operations in cloud-first or hybrid enterprise environments. Hands-on familiarity with detection-as-code, automation, and threat-informed defense practices. Knowledge of digital forensics, malware triage, insider threat monitoring, or purple team collaboration. Relevant certifications such as CISSP, GCIH, GCIA, GCED, CISM, or similar. Experience in environments with complex audit and compliance requirements. Stay up to date on everything Blackbaud, follow us on Linkedin, Twitter, Instagram, Facebook and YouTube Blackbaud powers social impact through purpose‑driven technology and responsible AI. Guided by our Intelligence for Good® vision, we’re building a culture where innovation, trust, and human expertise come together to help organizations make a greater difference in the world. Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. The starting base pay is $133,700.00 to $173,800.00. Blackbaud may pay more or less based on employee qualifications, market value, Company finances, and other operational considerations. Benefits Include: Medical, dental, and vision insurance Remote-flexible workforce Wellness Programs 401(k) program with employer match Flexible paid time off Generous Parental Leave Donations for Doers Pet insurance, legal and identity protection Tuition reimbursement program Blackbaud (NASDAQ: BLKB) is the world’s leading cloud software company powering social good. Serving the entire social good community—nonprofits, foundations, corporations, education institutions, healthcare institutions and individual change agents—Blackbaud connects and empowers organizations to increase their impact through software, services, expertise, and data intelligence. The Blackbaud portfolio is tailored to the unique needs of vertical markets, with solutions for fundraising and CRM, marketing, advocacy, peer-to-peer fundraising, corporate social responsibility, school management, ticketing, grantmaking, financial management, payment processing, and analytics. Serving the industry for more than three decades, Blackbaud is headquartered in Charleston, South Carolina and has operations in the United States, Australia, Canada, and the United Kingdom.