Cyber Defense Manager
TLDR
Mature a resilient cyber defense and own threat detection, investigation, containment, and exposure reduction.
- Own Cyber Defense execution across SOC, detection engineering, incident response, and exposure remediation
- Lead alert triage quality, escalation standards, incident command, and response coordination
- Prioritize critical vulnerabilities and exposures using asset criticality, exploitability, and business impact
- Manage Cyber Defense dashboards, runbooks, remediation follow-up, and operational metrics
- Coordinate with IT, Platform, Product, GRC, Legal, and business owners during incidents and remediation
- Build and develop the Cyber Defense team, including hiring, onboarding, mentoring, and retaining security talent
- Drive continuous improvement of detection coverage, response playbooks, and security controls based on lessons learned and threat intelligence
- Report on Cyber Defense performance, incidents, and risk posture to security leadership and stakeholders
- 10+ years of experience in Information Security
- 3+ years in a security management or team lead role with direct people management experience
- Hands-on experience managing SOC operations, leading incident command, and driving MTTD/MTTR improvement
- Ability to design, validate, and maintain detection logic across SIEM, EDR, and cloud platforms, with a deep understanding of runbook development and false-positive reduction
- Knowledge of top attack scenarios (ATO, credential theft, privilege escalation, data exfiltration) and ability to map detections to threat models like MITRE ATT&CK
- Experience prioritizing vulnerabilities using CVSS and asset criticality to reduce exposure aging
- Hands-on experience with at least one enterprise SIEM (Splunk, Microsoft Sentinel, Chronicle, Elastic) and SOAR tooling
- Understanding of cloud-native security controls and monitoring in AWS, GCP, or Azure
- Understanding of IAM, PAM, SSO, and identity-related attack vectors relevant to detection and response
- Ability to define, track, and communicate security KPIs and operational dashboards to technical and executive audiences
- English - Upper-Intermediate or higher
- Ukrainian - Fluent
Will be a plus
- Experience in fintech, e-commerce, or other high-risk industries with complex threat landscapes
- Hands-on background as a SOC analyst, incident responder, or detection engineer prior to moving into management
- Experience building a SOC or Cyber Defense function from scratch or significantly maturing an existing one
- Familiarity with threat intelligence platforms and threat-informed defense methodologies
- Relevant certifications: CISSP, CISM, GIAC (GSOM, GCED, GCIH) or equivalent
We offer
- 20 paid vacation days per year
- 10 paid sick leave days per year
- Public holidays as per the company’s approved Public holiday list
- Medical budget
- Opportunity to work remotely
- Professional education budget
- Language learning budget
- Wellness budget (gym membership, sports gear and related expenses)
Benefits
Health Insurance
Medical budget
Learning Budget
Language learning budget
Paid Time Off
Public holidays as per the company’s approved Public holiday list
Remote-Friendly
Opportunity to work remotely
Wellness Stipend
Wellness budget (gym membership, sports gear and related expenses)
JustMarkets is a global multi-asset broker that facilitates trading across 160+ countries, providing clients with a transparent and convenient investment environment. With a team of diverse professionals and a focus on customer-centricity, we leverage data-driven insights to innovate within the fintech space, making trading accessible for everyone.