Apply on Employer Site

APi Group · 3 weeks ago

Cyber Defense Team Lead

St Paul, MN

Full-time

Hybrid

Mid, Senior Level

$127K/yr - $191K/yr

APi Group is a global leader in safety and specialty services, dedicated to building great leaders. The Cyber Defense Team Lead will lead the North American cyber defense team, providing guidance and oversight in incident response and security operations, while fostering a collaborative team environment.

Construction

No H1B

Responsibilities

Lead and manage the North America Cyber Defense analysts, providing clear direction, coaching, and day-to-day support

Serve as Lead Responder for security incidents, providing calm, structured decision-making under pressure

Lead post-incident reviews, ensure lessons learned are captured, and coordinate closely with IT, Legal, Audit, and the DPO where required

Oversee the on-call schedule and ensure high-quality incident execution across the team

Act as the technical escalation point for analysts, providing guidance on complex investigations and ensuring high standards of analysis

Partner with our global MSSP to improve alerting, tuning, and automation, and drive continuous optimization across our security operations

Support alignment with UK and European teams to maintain consistency in processes and outcomes

Own the North America contribution to the global Monthly Security Operations Brief, ensuring data is accurate, timely, and clearly explained

Work closely with international counterparts to ensure a consistent global view of cyber defense performance

Support delivery of the organization’s NIST CSF targets

Track assigned actions, monitor progress, and ensure tasks are completed to the required standard

Coordinate remediation work across teams, remove blockers where possible, and provide clear, regular updates to leadership

Build strong working relationships with engineering, IT, HR, Legal, Audit, and other stakeholders to support smooth incident response and operational alignment

Represent the North America team in global discussions and help drive coordinated improvements across regions

Qualification

Incident Response LeadershipCyber Security AnalysisAzure Security StackTechnical Escalation PointAnalytical SkillsIndependent ThinkerOutcome-focusedTeam LeadershipClear CommunicationCalm Under Pressure

Required

Previous experience as a Cyber Security Analyst, either directly within a business or providing a service within an MSSP

Strong incident response background with clear evidence of sound judgment under pressure

Proven ability to lead, mentor or guide junior analysts in day-to-day investigations

Clear and concise written and verbal communication skills, with the ability to brief both technical and non-technical audiences

Ability to act as the technical escalation point for the security analysts for complex cases and operational decisions

Experience with the Azure security stack (Defender, Sentinel, Purview) or comparable technologies such as AWS and other SIEM or SOAR at an advanced level

Ability to work effectively with an MSSP and drive tuning, quality, and workflow improvements

Strong analytical skills with the ability to produce actionable, insight-driven recommendations