Head of Detection Engineering - Meraki

Join to apply for the Head of Detection Engineering - Meraki role at Cisco.

This range is provided by Cisco. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$170,500.00/yr - $245,300.00/yr

At Cisco Meraki, we connect, empower, and drive innovation through technology. As the fastest-growing cloud-managed networking team, our products are transforming enterprise networking and cloud-managed IT. Our Meraki Security organization provides critical cybersecurity and business protection globally, maintaining a fully remote team across multiple locations and time zones.

As a leader in Cisco Meraki’s Detection Engineering program, you will build, maintain, and improve threat detection and alerting infrastructure, ensuring comprehensive data collection and log visibility to identify threats against our infrastructure, data, employees, and customers. We seek self-starters, curious engineers comfortable operating amidst uncertainties, collaborating with Threat Management teams including Threat Response, Insider Threat, and Threat Intelligence.

Your work will have a direct impact on internal security, our external customers, and the millions of users relying on Meraki products daily. We value a positive culture, mentorship, humility, and organizational improvement, supported by Cisco’s stability and resources.

• Oversee the detection engineering program’s strategy, execution, and continuous enhancement.
• Develop and report key performance metrics to measure program effectiveness and maturity.
• Lead and mentor a team of contractors, ensuring alignment with goals.
• Coordinate with other Cisco Security teams and business units on detection and response efforts.
• Design, develop, test, and tune high-quality detections for effective threat response.
• Document alerting and detection strategies with context and runbooks for analysts.
• Serve as a subject matter expert on security logs and data, supporting incident investigations.
• Build and optimize custom detection and alerting solutions.
• Collaborate with Threat Intelligence and Insider Threat teams to strengthen security posture.
• Support initiatives to improve threat visibility and detection capabilities.
• Propose improvements to logging and detection strategies across engineering teams.

• Hands-on experience with full lifecycle detection engineering supporting security operations.
• Interest and knowledge in AI applications within detection workflows.
• Experience defining, collecting, and analyzing metrics like MITRE ATT&CK coverage.
• Proven ability to build and manage high-performing security teams and programs.
• Background as Threat Hunter, Security Analyst, or Incident Responder.
• Familiarity with SIEM/SOAR tools like Splunk.
• Technical expertise in offensive security, application security, cloud security, digital forensics, malware analysis, threat hunting, or incident response.
• Knowledge of SQL, relational databases, and data warehousing.
• Basic scripting skills (Python or others) for automation.
• Understanding of threat actor techniques and their log artifacts.
• Strong communication and autonomous working skills.

• Relevant industry certifications.
• Experience in software engineering, DevOps, or data science.
• Hands-on experience with cloud environments like AWS.
• Splunk engineering/administration experience.
• Knowledge of compliance frameworks such as PCI-DSS, FedRAMP.

Employment type: Full-time

Job function: Engineering and IT

Industries: Hardware, Software, Networking

Referrals can double your interview chances. Get notified about new jobs in San Francisco, CA and surrounding areas.