Manager, Detections

Job description

Shift5 is redefining the future of onboard operational technology (OT). As a fast-growing scale-up, we specialize in cutting-edge cybersecurity, predictive maintenance, and compliance for OT systems across defense, aerospace, and rail. We are a team of passionate, innovative professionals who thrive in a collaborative environment, driven by a shared mission to revolutionize how fleets operate. By unlocking and democratizing the vast potential of onboard OT data, we help our customers’ fleets run smarter, safer, and more efficiently. Ready to be part of the next frontier in transportation and critical infrastructure? Come join us.

Our Values:

• Embrace Truth and Integrity: Base decisions on data, foster open dialogue, and uphold unwavering integrity.
• User-Centric Focus: Prioritize user needs to guide our actions and resource allocation.
• Collaborative & Adaptable: Collaborate for excellence, learning from failures and driving iterative improvements, recognizing every decision’s significance.

Shift5 is seeking a highly skilled and motivated Manager, Detections to lead the research and development of cutting-edge detection algorithms and systems. This role is pivotal in creating defenses against cyber threats targeting the unique operational technology (OT), embedded systems, and radio frequency (RF) communications integral to modern weapon systems and complex fleet transportation platforms. While the primary focus is on cybersecurity, this role will also contribute to developing detections relevant to predictive maintenance and operational safety use cases derived from the same onboard data streams. The position demands a unique blend of technical leadership and hands-on contribution; the Manager will guide and mentor a specialized team of three detection engineers while also serving as a key individual technical contributor, actively engaging in the research, design, and prototyping of novel detection methodologies across these domains. This requires not only managing day-to-day activities but also providing strategic R&D direction, anticipating future threats and operational anomalies, and pioneering innovative solutions for non-traditional IT environments.

Success in this role means directly impacting the security posture, maintenance efficiency, and safety insights for national defense assets and critical transportation infrastructure, tackling challenging, real-world problems at the confluence of OT, embedded systems, RF technology, advanced cyber threats, and operational data analysis. The Manager, Detections will operate at the heart of a dynamic, cross-functional environment, serving as a critical interface between the Research organization and teams across Product Management, Software, Hardware, and Firmware Engineering, Data Science, Vulnerability Research, and customer-facing Field Teams. The ability to balance deep technical work with effective team leadership and mentorship is crucial for driving innovation and excellence within the detection engineering function.

Location: Remote, occasional travel to Shift5 HQ & customer sites <15%, Preferred: Rosslyn, VA - Hybrid

Key Responsibilities:

Team Leadership & Development:

• Lead, mentor, coach, and cultivate a high-performing team of detection engineers specializing in OT, embedded systems, and RF security domains, with an understanding of maintenance and safety data applications.
• Foster an environment that encourages innovation, technical rigor, continuous learning, and effective collaboration, both within the team and across Shift5.
• Manage team performance by setting clear goals, providing constructive feedback, identifying development opportunities, and supporting individual career growth paths.

Detection R&D Strategy & Execution:

• Direct and drive the comprehensive research, design, development, prototyping, and rigorous validation of novel detection algorithms, system signatures, behavioral models, and advanced analytics. The primary focus is squarely on identifying both known and previously unseen cyber threats targeting OT environments, embedded systems, and RF communication protocols (e.g. GPS, tactical datalinks) prevalent in defense and transportation sectors. A secondary focus involves leveraging the same data and analytical approaches to develop detections for predictive maintenance indicators and potential safety-related anomalies.
• Oversee the strategic planning, technical design, effective implementation, and maintainability of these detection capabilities (cyber, maintenance, safety) within Shift5’s observability platform architecture.
• Maintain expert-level awareness of customer needs, operational challenges with deploying detections, the evolving threat landscape, sophisticated attacker methodologies, and cutting-edge security research specifically pertinent to OT, embedded, and RF system security, as well as relevant techniques for condition monitoring and anomaly detection for maintenance and safety.

Technical Contribution (Individual Contributor Role):

• Serve as a senior technical leader and hands-on contributor within the detection engineering team. This includes direct involvement in algorithm design, software development, complex data analysis, and system implementation efforts for cybersecurity, maintenance, and safety detections.
• Actively contribute to the creation of innovative software solutions for IDS/IPS and anomaly detection systems, potentially leveraging techniques like machine learning or advanced statistical modeling, often in close partnership with the Data Science team.

Cross-Functional Collaboration:

• Engage in deep collaboration with the Vulnerability Research team to gain insights into specific threats, novel attack vectors, and critical vulnerabilities impacting target platforms, ensuring cyber detection strategies are directly informed by real-world risk intelligence.
• Partner closely with Product Management to effectively translate research breakthroughs and developed detection capabilities (across cyber, maintenance, and safety) into tangible product features and clearly defined requirements, ensuring alignment with customer needs and Shift5’s strategic roadmap. This role acts as a vital conduit, making advanced research actionable and relevant for product success.
• Work seamlessly with Software, Hardware, and Firmware Engineering teams to ensure the smooth integration of detection mechanisms into the Shift5 platform and confirm compatibility with the diverse systems under observation.
• Collaborate with customer-facing Field Teams to gather crucial feedback on detection performance in operational environments, understand deployment challenges, and drive a cycle of continuous improvement based on real-world data across all detection types.
• Liaise proactively with the Data Science team to explore, evaluate, and implement advanced analytical methods (e.g., machine learning, statistical analysis) aimed at significantly enhancing detection accuracy (for cyber threats, maintenance precursors, and safety events), reducing false positives, uncovering subtle patterns, and triaging alerts.

Process & Reporting:

• Define, implement, and continuously refine robust processes for the entire detection capability lifecycle, encompassing development, rigorous testing, secure deployment, and ongoing maintenance.
• Clearly and effectively communicate complex research findings, strategic detection approaches, team progress, and technical challenges to senior leadership and other key stakeholders across the organization.

Qualifications:

The ideal candidate possesses a rare combination of deep software engineering skills, cybersecurity research expertise, specialized knowledge in OT/embedded/RF systems, and proven leadership capabilities. The demands of this role require an individual comfortable tackling novel challenges in complex, evolving technological domains where standard solutions may not exist, necessitating strong analytical abilities and adaptability.

• Citizenship & Clearance: US Citizenship is required for this role due to the nature of Shift5’s work with defense and government contracts and must possess an active SECRET security clearance, at a minimum.
• Educational: Bachelor’s degree (or equivalent practical experience) in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, or a closely related technical discipline.
• Leadership & Management Experience: Proven ability to lead, manage, or formally mentor technical teams. This includes experience setting technical direction, fostering team growth and skill development, and managing performance effectively.
• Software Development Expertise: Significant, demonstrated experience designing, developing, and deploying robust software solutions, with a strong emphasis on cybersecurity applications. Proficiency in relevant programming languages (e.g., Go, Python, C/C++) is essential.
• IDPS Technical Depth: Comprehensive understanding of intrusion detection and prevention principles, diverse techniques (e.g., signature matching, anomaly detection, behavioral analysis, statistical methods), system architectures, performance optimization, and common attacker evasion tactics.
• OT/Embedded/RF Knowledge: Demonstrable knowledge and hands-on experience addressing the unique security challenges, communication protocols (e.g., CAN bus, MIL-STD-1553, ARINC 429, various RF protocols), and system architectures found within Operational Technology (OT), embedded systems, and/or RF systems. Experience securing or analyzing Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems is highly relevant.
• Research & Analytical Skills: Strong research capabilities, including the ability to independently investigate complex technical problems, perform in-depth data analysis, devise innovative solutions, and rigorously evaluate their effectiveness against defined metrics.
• Collaboration & Communication: Excellent interpersonal, written, and verbal communication skills. Must possess a proven ability to collaborate productively within diverse, cross-functional technical teams and articulate complex technical concepts clearly to varied audiences.
• Preferred (at least one):
  • Domain-Specific IDPS Experience: Direct experience developing, implementing, or tuning IDPS solutions specifically for weapon systems, aerospace platforms, automotive systems, rail networks, maritime vessels, or other critical infrastructure OT/embedded environments.
  • Data Science / ML Application: Practical experience applying data analysis, machine learning algorithms, or statistical modeling techniques to solve cybersecurity problems, particularly in areas like anomaly detection or predictive threat modeling. Experience applying similar techniques for predictive maintenance or safety analysis is beneficial.
  • Vulnerability Research / RE: Background or experience in vulnerability research, exploit analysis, or reverse engineering (particularly firmware, embedded software, or network protocols).
  • Maintenance/Safety Domain Knowledge: Understanding of condition-based maintenance principles, failure modes, or safety analysis techniques relevant to transportation or defense platforms.

Compensation & Benefits:

• Base Salary: $200,000-$260,000
• Bonus program and equity in a fast-growing startup
• Competitive medical, dental, and vision coverage for employees and their families
• Health Savings Account with annual employer contributions
• Employer-paid Life and Disability Insurance
• Uncapped paid time off policy
• Flexible work & remote work policy
• Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)

We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.

Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

Privacy Policy and Notice for Shift5, Inc. Job Applicants, Employees & Contractors