MDR Centre Manager

CSIS is seeking a talented Manager for our market-leading Managed Detection & Response (MDR) Centre.

CSIS is Denmark’s leading cybersecurity services company. MDR is one of our 3 strategic growth pillars and due to our continued commercial success and dynamic ambitions, we are looking for top talent to join our expanding team.

You are already an experienced cybersecurity professional, leading a team of analysts in an MDR Centre or SOC. You will have strong team management, communication and organizational skills. You will have a high-performance approach to management and be process driven. You will also have significant security analyst and incident response experience.


About the role:

The MDR Centre Manager is responsible for hiring, managing, training and developing all CSIS’s Security Analysts. The team delivers 24x7x365 detection, response, and customer engagement for our MDR service. The manager will own processes, SLA metrics and reporting. The MDR Centre Manager is responsible for effective communication between MDR Engineering, Sales, Consulting and other functional areas in the company.

The MDR Centre Manager is responsible for functional processes and the performance of the MDR Centre.  This will include Incident Triage, Incident Investigation, Incident Escalations and any other functional role that is required to deliver exceptional value to customers.  This team member will partner with Portfolio Management and the MDR Product Owner to drive enhancements and evolution of the function they own and improvements within the platform that the team uses.

Security Analysts are responsible for investigation and incident response capabilities for all customers.  The MDR Centre Manager is able to lead the team through the process and execute effectively when customer breaches require immediate investigation.

This role reports into the Director of MDR.


Your primary responsibility will be to:

  • Operate a leading 24x7 MDR Center. While this role is considered business hours, the support for the team, which may take form in after hours from time to time, is expected.
  • Be a subject matter expert on event monitoring, triage, and response capabilities.
  • Lead daily operations for a dedicated team of Security Analysts performing MDR services.
  • Manage a 15+ member team of Security Analysts who are accountable for the execution of detection, response, and customer requests.
  • Develop, enhance, and operationalize processes to better deliver against customer expectations.
  • Develop, measure, analyze, and maintain the internal and external service metrics for Service Operation, providing timely reports to the Director of MDR.
  • Leverage metrics to make better informed decisions on how to improve the capability and functionality of the organization.
  • Drive people management responsibilities.
  • Provide escalation support for both customer management challenges, security incidents, and ticket triage functions.
  • Lead, coordinate, and train others on effective management of security incidents and operational responses for customers.
  • Lead post-incident analysis and documentation.
  • Work effectively with the Innovation & Development team to improve the MDR platform and Threat Intelligence Portal.
  • Ensure that the organization stays current with new and emerging threats, security risks, and potential impacts to the business.
  • Seek innovative approaches to security incident response programs.
  • Assist with various audit of internal compliance to cybersecurity policies.
  • Communicate exceptionally well with business and technical audiences.
  • Ability to lead remote team members, as not all team members will be in the local office at all times.


Essential requirements:

  • At least 5 years of experience in cybersecurity; ideally 2+ years of this time in a management role with an MDR player.
  • Practical cybersecurity experience in the identified function (incident analysis and/or ticket triage).
  • Knowledge of relevant technologies: EDR, NDR, SIEM.
  • Strong process definition and management experience.
  • A proven passion for developing high performance teams.
  • Passion for Cybersecurity. Continually learning new attack vectors, new threats, and security framework expertise. 
  • Strong and demonstrated ability to define effective security processes. Ability to identify opportunities in current processes and take action to roll out necessary changes. 
  • Knowledge of industry adopted frameworks and methodologies (e.g., MITRE ATT&CK, NIST)
  • Proven ability to rapidly analyze complex technical security threats and incident information to be able to communicate business-impacting risk to non-technical audiences.
  • Ability to work independently, manage projects, and exercise judgement in reaching solutions.
  • Demonstrated success in delivering analysis via a creative approach with the mindset of an adversary.
  • Strong verbal and written communication required in English.
  • You will be required to attend training, seminars, conferences, and webinars relevant to job role to enhance current knowledge base and skill set in order to improve job performance and efficiency. 


Additional requirements:

  • Fluency in additional languages, particularly Danish, is a plus.


Working for us you will have:

  • Interesting and challenging work in a leading cybersecurity player.
  • The possibility to grow and develop together with the team and the company.
  • A strong team of IT security-focused specialists around you.
  • A competitive salary and personal benefits package.


Position type:

Permanent, position available immediately


Other information:

This role is based in Copenhagen, Denmark.

However, domestic travel to customers is expected.

It is a requirement that you can show and uphold a clean criminal record and get approval for security clearance HEM (Denmark).

Relocation to Denmark will be required if you are currently located elsewhere.



To apply for this position, please send your CV and a motivated application to our recruitment partner  or reach out to Casper Høgh if you have questions at phone: +4550502570

About CSIS:

Founded in 2003, CSIS Security Group A/S (CSIS) is a leading provider of advanced cybersecurity capabilities, focused on actionable and intelligence-driven detection and response services. We are the preferred cybersecurity partner to notable organizations across various sectors, including Banking & Financial Services, Energy & Utilities, Manufacturing, Transportation & Logistics, as well as Government & Public Sector. We are a trusted adviser to law enforcement agencies (including the FBI, NCA, Europol) and are also sought-after speakers for public and closed-community conferences around the world. Additionally, our depth of expertise and distinguished reputation ensure that we are regularly called upon as expert commentators on cyber topics for the media.