North Logo

North

Director, Threat Modeling

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in US
Expert/Leader
Remote
Hiring Remotely in US
Expert/Leader
Lead strategy and execution for AI-driven threat detection, SIEM/log management, SOAR automation, and enterprise vulnerability and insider-threat programs. Build and deploy detection models, integrate security into CI/CD and cloud, run tabletop exercises, measure KPIs, and drive cross-functional security engineering improvements.
The summary above was generated by AI

Director, Threat Modeling

North - Remote

This leadership role drives the strategic vision and technical execution of the security engineering function. The focus of this role is on implementing and optimizing advanced, automated security solutions, specifically leveraging AI, Machine Learning and algorithms for improved threat detection, log management, and incident response orchestration (SOAR). This director will manage the full lifecycle of internal security software, integrate security into cloud and CI/CD pipelines through cross-functional collaboration, and establish metrics to demonstrate the program's efficiency and return on investment.


What you'll do:

  • Strategy & Architecture: Define and execute enterprise strategies for Log Management, SIEM, and AI-driven automation, ensuring architectures support scalable data ingestion, real-time threat detection, and alignment with business objectives.

  • Development & Orchestration: Lead the end-to-end lifecycle (from design to deployment) of automated workflows, SOAR playbooks, and response scripts to streamline threat detection and maximize operational efficiency.

  • Vulnerability Management: Own the strategic vision and day-to-day execution of the enterprise vulnerability management program.

  • Vulnerability Management: Identify systemic workflow gaps and bottlenecks across IT operations to proactively address potential vulnerabilities before they can be exploited.

  • Insider Threat: Design and execute a holistic strategy to detect, investigate, and mitigate malicious, negligent, or compromised insider activities

  • Advanced Cyber Analytics: Act as an internal incubator for the broader cybersecurity organization, helping cybersecurity teams identify, experiment with, and adopt cutting-edge models, algorithms, and disruptive architectural approaches.

  • Advanced Cyber Analytics: Research and deploy innovative detection techniques, machine learning models, and predictive analytics to uncover sophisticated techniques that evade traditional rule-based and signature-based tools.

  • Optimization & Tuning: Partner with cybersecurity teams to infuse advanced automation and data-science mindsets into daily workflows, constantly pushing the boundaries of how the enterprise hunts, detects and contains threats.

  • Optimization & Tuning: Oversee the testing, validation, and continuous tuning of security controls, utilizing AI/ML and advanced analytics to reduce false positives, enhance detection accuracy, and optimize system performance.

  • Collaboration & Integration: Drive cross-functional collaboration with DevOps and IT teams to embed security automation best practices into CI/CD pipelines, cloud environments, and enterprise infrastructure.

  • Threat Management: Design, coordinate, and facilitate regular, high-fidelity security tabletop exercises for both technical teams and executive leadership.

  • Performance Measurement: Establish and track Key Performance Indicators (KPIs) and operational metrics to quantify program efficacy, demonstrate ROI, and drive data-informed continuous improvement.


What we need from you:

  • Bachelor's degree in Software Engineering, Computer Science, Information Technology, or a related field, or equivalent practical experience (10+ years of experience in Cybersecurity).

  • Strong background in cybersecurity domains including: Incident Response; Digital Forensics; Cybersecurity Program Management.

  • Experience conducting hunts or incident response across networks, endpoints, cloud and application environments. 

  • Practical experience in developing agentic cybersecurity solutions.

  • Proficiency in leading the end-to-end lifecycle of security software and automated workflows.

  • Strategic vision for enterprise vulnerability management, including the ability to identify systemic workflow gaps.

  • Competence in digital forensics and the ability to coordinate high-fidelity security tabletop exercises.

  • Strong knowledge of all aspects of large-scale incident response management.

  • Knowledge of the MITRE ATT&CK framework and the Cyber Kill Chain. Ability to map disparate events to specific tactics, techniques, and procedures (TTPs).

  • Strong knowledge of all aspects of large-scale incident response management.

  • Knowledge of cybercrime and nation state attack vectors, detection and mitigation strategies.

  • Strong technical background in security tooling and detection engineering principles (agentic solutions, detection algorithms, machine learning).

  • Attention to details and focus on tactical execution.

What we offer: 

We offer a comprehensive benefits package that enables our teams to live a life well lived, both personally and professionally. Some of our perks include:

  • Medical, Dental, & Vision Coverage

  • Flexible Paid Time Off

  • 401(k) + Match

  • Mental Health Support & Well-Being Program

  • Paid Maternity & Paternity Leave

  • Education Assistance

  • Company-funded Lifestyle Spending Account

Please note: North is a US based company and this role is not eligible for current or future sponsorship.

Who we are: 

North, and our family of companies, are committed to helping entrepreneurs grow their businesses. As an end-to-end payment solutions company, we provide everything business owners need to get paid, whether they serve customers in a physical storefront, online, or both. We pride ourselves on being large enough to offer customized solutions to our enterprise-level clients while remaining agile enough to take an award-winning, hands-on approach to personal service that our merchants won’t find anywhere else.

Let’s go North, together! Our most important resource is our people. Join our diverse team of innovators and do-ers and make your mark on the future of payments technology. We're proud to offer benefits that help our team members further their overall well-being through unique initiatives that are both personally and professionally fulfilling. 

At North, we celebrate diversity and create an inclusive environment for everyone. We are an equal opportunity employer.

To learn more about North, and our family of companies, visit our website: north.com

Similar Jobs

An Hour Ago
Remote or Hybrid
104K-186K Annually
Senior level
104K-186K Annually
Senior level
Artificial Intelligence • Big Data • Healthtech • Software • Biotech
Lead the external brand refresh and storytelling for SOPHiA GENETICS: evolve website and corporate collateral, craft clear messaging and visuals for technical topics, support PR and executive communications, and contribute to internal storytelling and high-impact presentations.
An Hour Ago
Remote or Hybrid
USA
Mid level
Mid level
Machine Learning • Payments • Security • Software • Financial Services
Lead technical design and development of software solutions; propose and document designs; resolve complex problems; provide technical guidance, review code/testing/documentation; apply modern methodologies and tools to advance business initiatives.
An Hour Ago
Remote or Hybrid
USA
100K-223K Annually
Senior level
100K-223K Annually
Senior level
Machine Learning • Payments • Security • Software • Financial Services
Lead and mature detection and incident response lifecycle, run day-to-day SOC operations, manage on‑call readiness, drive SIEM detections and automation, coordinate cross‑team responses, maintain playbooks and run readiness exercises, mentor analysts, and ensure regulatory and post‑incident improvements.
Top Skills: Cloud SecurityEdrElasticEndpoint SecurityFedrampHipaaIdentity And Access ManagementIds/IpsIso 27035JIRAMitre Att&CkNist 800-61Pci DssServicenowSIEMSoc 2SplunkThreat Intelligence

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account