Director, Menlo Labs

Posted:
9/24/2024, 3:32:59 PM

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense.

The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching.

Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista”), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures.

Summary:

Menlo Security is seeking a highly experienced and motivated leader to spearhead our Menlo Labs team. This individual will be responsible for leading a team of threat researchers and threat intelligence analysts, driving cutting-edge research in browser security, AI, and emerging threats. The ideal candidate possesses a deep understanding of browser architecture, security vulnerabilities, the evolving threat landscape, and the intricate relationship between browsers and web applications.

Crucially, this leader will be the bridge between threat research and product innovation. They will guide their team to not only identify and analyze threats but also to translate those insights into new product capabilities and features that directly enhance Menlo Security's offerings.

This role demands a scrappy, gritty individual who thrives in a fast-paced, dynamic startup environment. You'll need to be resourceful, adaptable, and comfortable wearing multiple hats. We're looking for someone who is passionate about pushing boundaries, challenging the status quo, and making a real impact on the cybersecurity landscape.

Responsibilities:

  • Lead and mentor: Provide technical leadership and mentorship to a team of threat researchers and intelligence analysts. Foster a culture of collaboration, innovation, and continuous learning, across multiple geographies, in the face of limited resources, and tight deadlines. Directly manage a team of 7-8 full time employees.

  • Drive research: Lead research efforts into browser security, browser-based attacks, AI-powered threats, and other emerging security challenges. Develop innovative methodologies to identify, analyze, and mitigate threats, with a particular focus on the intersection of browsers and web applications. Be resourceful and creative in finding solutions, even when faced with constraints.

  • Threat intelligence: Oversee the collection, analysis, and dissemination of threat intelligence, specifically related to browser and web application vulnerabilities and exploits. Develop and maintain relationships with industry partners and information-sharing communities. Be proactive and persistent in gathering information and building relationships.

  • Product innovation: Lead the translation of threat research and intelligence into actionable product enhancements. Work closely with product development, engineering, and other teams to ensure research findings directly inform new product capabilities and features. Prioritize shipping product and delivering value to customers.

  • Thought leadership: Represent Menlo Security in customer meetings, executive briefings, analysts, trade press, industry conferences. Publish research findings and contribute to the cybersecurity community, specifically in the areas of browser security. Be a vocal advocate for Menlo Security and our mission.

Qualifications:

  • Experience: 12+ years of experience in cybersecurity, with a strong focus on threat research and analysis. Deep expertise in browser security, browser architecture, web application security, and related technologies.

  • Technical skills: Extensive knowledge of:

    • Browser vulnerabilities, exploit techniques, and mitigation strategies

    • Web application security vulnerabilities (OWASP Top 10, etc.) and their interaction with browser security

    • Client-side attacks (XSS, CSRF, etc.) and their impact on user security

    • Familiarity with AI/ML concepts and their potential impact on security, particularly in the context of browser and web application threats

    • Nice to have: Phishing, ransomware, and malware

  • Leadership: Proven track record of leading and mentoring technical teams, even in challenging startup environments. Strong communication, collaboration, and project management skills.  A passion for the art of leadership and general management.

  • Obsessed with customer outcomes:  Deeply understands the customer's security challenges and is driven to deliver solutions that directly address their needs and exceed their expectations.

  • Product mindset: A demonstrated ability to bridge the gap between research and product development. Experience translating technical findings into actionable product requirements.

  • Grit and determination: A demonstrated ability to overcome obstacles, persevere through setbacks, and deliver results in a fast-paced, resource-constrained environment.

  • Bias for action: A strong focus on shipping product and delivering value to customers. Ability to balance research with practical implementation.

  • Passion: A strong passion for cybersecurity and a desire to stay ahead of emerging threats, particularly in the rapidly evolving landscape of browser and web application security

Preferred Qualifications:

  • AI expertise: Experience with AI/ML applications in cybersecurity, such as threat detection, malware analysis, and automated defense, with a focus on browser and web application security

  • Publications: Contributions to the cybersecurity community through publications, conference presentations, or open-source projects, specifically related to browser and web application security

  • Startup experience: Prior experience working in a startup or similarly dynamic environment

MSGL-I4

Why Menlo?

Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy.

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.