Security Analytics Team Lead

We are , a global software company transforming how businesses run. Our product suite can adapt to the needs of diverse industries and use cases within one powerful platform, empowering ~245,000 customers worldwide to reimagine how work gets done, drive greater efficiency, and scale like never before.

With over 2,500 employees across the globe, we grow by prioritizing transparency and knowledge sharing. We care about the impact you make, not the hours you clock, so we encourage initiative, ownership, and fresh thinking. We back our people with flexible work, wellness and mental health support, and a work environment built on collaboration.

We seek a dynamic and highly motivated individual to lead our Data Security team, within the Platform Security Group

This pivotal role focuses on driving the successful implementation of our data and AI platform and leveraging it with our Application Security capabilities - including developing, implementing, and monitoring secure procedures and technologies.

We use data science and massive amounts of our products traffic and behavior data to enhance the threat intelligence that is used in multiple Monday products

In this role, you will lead a team dedicated to identifying and investigating authorization errors (shift right), detecting inbound threats across our perimeter and uncovering phishing and abuse on the platform.

About The Role
We are , a global software company transforming how businesses run. Our product suite can adapt to the needs of diverse industries and use cases within one powerful platform, empowering ~245,000 customers worldwide to reimagine how work gets done, drive greater efficiency, and scale like never before.

With over 2,500 employees across the globe, we grow by prioritizing transparency and knowledge sharing. We care about the impact you make, not the hours you clock, so we encourage initiative, ownership, and fresh thinking. We back our people with flexible work, wellness and mental health support, and a work environment built on collaboration.

We seek a dynamic and highly motivated individual to lead our Data Security team, within the Platform Security Group

This pivotal role focuses on driving the successful implementation of our data and AI platform and leveraging it with our Application Security capabilities - including developing, implementing, and monitoring secure procedures and technologies.

We use data science and massive amounts of our products traffic and behavior data to enhance the threat intelligence that is used in multiple Monday products

In this role, you will lead a team dedicated to identifying and investigating authorization errors (shift right), detecting inbound threats across our perimeter and uncovering phishing and abuse on the platform.

You'll lead the
Security Analytics team
within the
Platform Security Group
, a pivotal function in our threat detection strategy. This role focuses on leveraging large scale behavioral and product data to build scalable, intelligent detection capabilities.

Your Team Will Be Responsible For

• Detecting inbound perimeter threats: Monitor and analyze traffic at the platform edge to detect scanning, exploitation attempts, automated recon, and credential stuffing. Your team will research, develop, and deploy real time detection logic across key entry points including APIs, login flows, and exposed services.
• Investigating authorization anomalies ("shift right" detection): Your team will leverage OPA-based policy rules and platform telemetry to identify discrepancies between expected and actual access, helping surface insider threats and authorization drifts.
• Uncovering phishing, spam, and abuse on the platform: Identify malicious actors abusing product features (e.g., invites, comments, messages) for social engineering, spam campaigns or fake account generation. Develop detection pipelines and abuse signals to protect users and preserve platform integrity.
• Designing and deploying scalable detection mechanisms: Build logic and systems that are robust, explainable, and capable of running continuously at scale, using event streams, logs, and behavioral signals.
• Enriching and labeling behavioral data for threat context: Work closely with data engineering to ensure telemetry is enriched with organizational context (e.g., user roles, product behavior, geo anomalies) to support high quality, low noise detections.
• Collaborating with SOC and AppSec teams on investigations: Provide insights, tools, and alerts that drive triage workflows, root cause analysis, and incident containment efforts.

Your Responsibilities

• Lead advanced threat research across domains such as account takeover (ATO), hacking attempts, web vulnerabilities, phishing, bot activity, abuse, and SaaS attack vectors.
• Design and deploy detection logic, enrichment layers, and anomaly detection models using large scale behavioral data.
• Integrate research outputs into production systems (e.g., alerting engines, policy frameworks, and prevention mechanisms).
• Build internal research tools and automation systems to support investigation, validation, and detection engineering.
• Collaborate with our SOC and Application Security teams to translate research into scalable defenses.

Your Experience & Skills
Your Experience & Skills

• Security Research Leader: 3+ years managing cyber research or detection teams in fast paced environments (e.g., cybersecurity vendors, MDRs, threat intel firms or high scale SaaS companies).
• Detection Expert: 5+ years building detections using behavioral analytics, anomaly modeling, threat research across cloud, SaaS and abuse domains.
• Data Power User: Fluent in SQL and experienced with telemetry datasets, ETL processes, and cloud native data querying (e.g., Snowflake, BigQuery).
• Proven ability to envision, design, prototype and deploy detection frameworks and enrichment pipelines from the ground up.
• Cross Functional Collaborator: Comfortable aligning research outcomes with engineering, product, and security stakeholders.

Good to Have

• Strong understanding of platform attack vectors, including OWASP Top 10, phishing, account takeover (ATO), spam, and bot automation.
• Hands-on experience with Python and/or JavaScript for building research tools (e.g., scrapers, enrichment pipelines, detection logic, PoC exploits).
• Familiarity with rule based security systems and policy frameworks (e.g., OPA, custom logic engines).
• Experience deploying and tuning Web Application Firewalls (WAFs), abuse prevention systems, or anomaly based alerting infrastructure.
• Exposure to machine learning for detection, including model evaluation and deployment in production environments.
• Knowledge of data pipeline orchestration and cloud analytics platforms (e.g., Snowflake, Airflow, dbt) in support of detection or telemetry analysis.