Director, Threat Detection & Response
FanDuel is looking for a Director of Threat Detection & Response who sits at the intersection of deep engineering expertise and executive-level leadership. You’ll own the teams and programs responsible for keeping FanDuel’s platforms, data, and customers safe — and you’ll build the operational maturity to scale with one of the fastest-growing companies in sports gaming. This is a highly visible, senior leadership role spanning four critical security domains: Security Operations Engineering, Detection Engineering, Threat Intelligence, and Vulnerability Management. You’ll define strategy, lead high-performing teams, and partner cross-functionally with Product, Fraud, and Customer Operations to translate risk signals into clear, decisive action. We’re looking for someone who came up through the technical ranks — who has built detection systems, run incident response, and understands what makes security engineering excellent — and who is now equally effective advising executives and operating at board-room scale. If you’re energized by ownership, ambiguity, and building something that truly matters, this is your role. In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.
- Lead and scale high-performing teams across Security Operations Engineering, Detection Engineering, Threat Intelligence, and Vulnerability Management — including senior managers and staff-level ICs.
- Define and drive a unified security operations strategy that aligns detection, response, intelligence, and risk reduction into a coherent, outcome-driven program.
- Build and mature engineering-led capabilities: SIEM/SOAR platforms, detection-as-code practices, behavioral analytics, threat intel pipelines, and automated response playbooks.
- Apply adversary-centric frameworks — MITRE ATT&CK, threat modeling, adversary emulation — to continuously evolve coverage, reduce dwell time, and improve detection fidelity.
- Partner closely with Fraud, Product, and Customer Operations to align on shared threat surfaces, incident response coordination, and risk signal sharing across the business.
- Develop and mentor senior managers and ICs; build a culture of technical excellence, psychological safety, and clear accountability.
- Communicate operational risk, security posture, and program outcomes to executive leadership with precision — translating signals into decisions, not noise.
- Define and deliver OKRs anchored in engineering output and risk reduction: detection coverage expansion, automation containment rates, signal precision, and detection-as-code deployment velocity — not analyst throughput or ticket volume.
- Champion an AI-first approach to security operations — integrating automation, ML-driven detection, and intelligent triage to compound the team’s impact without linearly compounding headcount.
- Drive continuous improvement in process, tooling, coverage, and incident readiness — including post-incident reviews that produce measurable program changes, not just documentation.
- Evaluate and evolve the security tooling stack — partnering with vendors and internal engineering teams to ensure capabilities keep pace with the threat landscape and support a code-first operating model.
- You’ve built and scaled security operations functions — in fast-paced, product-driven environments — and have the outcomes and metrics to show for it.
- You’ve led multi-functional security organizations, including managers and senior ICs, and you know how to cultivate high performance without burning people out.
- You have real engineering depth — in at least one of these domains: detection engineering, security automation, SIEM/SOAR platforms, or threat intelligence — and you can credibly engage with your teams at a technical level.
- You’ve led response to serious security incidents — and your teams come out of them better than they went in — with improved playbooks, tooling, and process to prove it.
- You’re a strong cross-functional operator — who knows how to partner with engineering, product, and fraud teams to move at the speed a consumer business requires.
- You turn ambiguity into structure — you’ve built programs and frameworks where none existed, and you’ve made them stick across a complex organization.
- You communicate risk in a way that moves people — clear, confident, and grounded in data — whether you’re in a post-incident review or presenting to the C-suite.
- Background in regulated or consumer-facing industries — fintech, gaming, e-commerce, or similar — where speed and trust are equally non-negotiable.
- Experience building cloud-native detection and security engineering capabilities at scale (AWS, GCP, or Azure environments).
- Familiarity with adversary simulation, red team operations, or offensive security methodologies — even without direct program ownership.
- Prior ownership of threat intelligence programs or vulnerability management at an organization with a broad, complex attack surface.
- A track record of redefining how security effectiveness is measured — with program health framed around engineering throughput, automation coverage, and risk reduction rather than analyst activity.
- Experience applying AI, ML, or large-scale automation to detection and response — whether building models, integrating intelligent tooling, or rearchitecting how the team triages and contains threats.
- Experience in high-growth or startup environments where you’ve had to build capability faster than the threat landscape moves.
- We offer amazing benefits above and beyond the basics.
- We have an array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits.
- We offer generous paid time off (PTO & sick leave), annual bonus and long-term incentive opportunities (based on performance), 401k with up to a 5% match, commuter benefits, pet insurance, and more - check out all our benefits here: FanDuel Total Rewards.
- medical, vision, and dental insurance;
- life insurance;
- disability insurance;
- a 401(k) matching program;
- among other employee benefits.
- This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation.
- This role includes paid personal time off and 14 paid company holidays.
- FanDuel offers paid sick time in accordance with all applicable state and federal laws.
FanDuel Group is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in North America, FanDuel Group consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media, including FanDuel, Stardust Casino and TVG. The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company’s affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia. FanDuel Group is a subsidiary of Flutter Entertainment, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).

