Manager of Global Cyber Defense

About the role

Celonis is seeking a Manager of Global Cyber Defense to lead our Security Operations (SecOps) and Incident Response teams. In this global leadership position, you will be the primary architect and custodian of the strategies, tools, and policies that safeguard Celonis's enterprise data, corporate infrastructure, and cloud-native environments. Your team will ensure the security and integrity of our global execution management platform, protecting the critical business processes of our customers. By designing and deploying advanced technical controls, you will ensure that emerging cyber threats are automatically detected, isolated, and neutralized. As a core security leader, you will collaborate across Engineering, Product, and IT to build a resilient, security-first culture, integrating deep threat insights directly into our continuous software development lifecycle. While this is a management role, Celonis values expert practitioners . You should be ready to lead by example, bring deep technical mastery of modern security ecosystems, and blend proprietary and open-source tooling into a seamless, next-generation global defense strategy. This position reports VP of Information Security. What You Will Do in This Role Lead and Scale: Recruit, mentor, and develop a high-performing global team of cyber defense engineers and security analysts. Define Standards: Author and maintain enterprise-wide cyber defense frameworks, incident response playbooks, and operational blueprints. Drive SOC Evolution: Own the strategic architecture, tooling, and day-to-day operations of our modern Security Operations Center (SOC). Threat Mitigation: Oversee the rapid identification, containment, and remediation of advanced cyber attacks and vulnerabilities. Tooling Innovation: Evaluate, select, and integrate cutting-edge security technologies, focusing on automation (SOAR), telemetry, and SIEM optimization. Proactive Defense: Champion threat modeling, breach simulations, and tabletop exercises across Engineering, Cloud Infrastructure, and IT. Cultivate Enablement: Partner with internal learning teams to institutionalize security playbooks and upskill teams across the organization. Metrics and Accountability: Establish, track, and report on high-impact cyber defense KPIs to provide visibility to executive leadership. Agile Execution: Manage the Cyber Defense roadmap within an agile engineering framework to ensure predictable, high-velocity security delivery.

Requirements

• Threat Combat Experience: A proven track record of successfully mitigating advanced persistent threats (APTs) and sophisticated cyber adversaries.
• SOC Architecture Mastery: In-depth, foundational knowledge of SOC design, including advanced logging strategies, network segmentation, cloud telemetry, and honeypots.
• Cloud & SaaS Expertise: Strong technical understanding of securing enterprise SaaS platforms and cloud environments (AWS, Azure, or GCP).
• Automation-First Mindset: Demonstrated ability to build, automate, and orchestrate effective incident response workflows to minimize blast radiuses.
• Framework Familiarity: Strong working knowledge of security risk management and threat frameworks (e.g., NIST CSF, MITRE ATT&CK).
• Academic Foundation: A strong academic background with a Bachelor's degree in Computer Science, STEM, or a compelling narrative of equivalent real-world technical experience.
• Leadership and Drive: Proven capability to manage technical teams, manage high-pressure situations, and consistently exceed operational goals.
• Executive Communication: Exceptional English communication skills, with the confidence to deliver transparent, data-driven security metrics to the CISO and executive board.
• Hybrid Security Background: Hands-on experience spanning both offensive (red teaming/penetration testing) and defensive (blue teaming) disciplines.
• Data-Driven Security: Familiarity with leveraging data analytics, SIEM engineering, or process-oriented workflows to optimize security operations.
• Industry Certifications: Relevant elite certifications such as CISSP, CISM, or GIAC.
• Enterprise Endpoint Security: Experience managing and securing corporate endpoint fleets at a global scale.
• What Celonis can offer you:
• Pioneer Innovation: Work with the global leader in Process Mining and the Process Intellige

Additional Information

Celonis is the global leader in Process Intelligence and the pioneer of Process Mining technology. As one of the world's fastest-growing enterprise SaaS companies, we are changemakers pushing the boundaries of what's possible. We invest heavily in advanced AI capabilities-specifically our Process Intelligence Graph-to turn data insights into immediate business action. We believe there is a massive opportunity to unlock global productivity and sustainability by placing intelligence at the core of every business process. Join our mission to make processes work for people, companies, and the planet.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Celonis? Share your experience