At adidas, every day is a chance to flip the script. An invitation to take everything we know and re-invent it. Do it better. Never settling for good enough.

Every day we get up, invent, adapt, improvise, find new ways to collaborate,
and do the unexpected. We’re creators, makers and doers. Helping athletes make
a difference, not just in their games, but in their lives and in their world.

It’s an obsession.
We’ve been doing this for more than 75 years. With an unmatched history and tradition
of creating iconic products, consumer connections and experiences, we’ve been defining
sport culture since the beginning.

And we’re never done.
Come be a part of shaping the future together with us.

IT STARTS WITH YOU

JOB TITLE
Manager Information Security – Cyber Detection & Response Engineering (M4)

AREA / TEAM
Global Information Security – Cyber Detection & Response Engineering

PURPOSE: 

As part of the Cyber Detection & Response Engineering team, this role is responsible for the innovation, implementation, and operation of advanced security detection and response capabilities.

The position focuses on operating and enhancing security technologies that detect and respond to cyber threats, with a strong emphasis on Microsoft security solutions, especially Microsoft Defender for Endpoint and Microsoft Sentinel, as well as relevant cloud detection and response technologies.

A key responsibility is the design and development of bespoke, tailored detection rules and use cases across multiple platforms (e.g., Defender, Sentinel, cloud-native security tools) to effectively identify evolving cyber threats and attack patterns.

The role ensures the protection of adidas’ systems, data, and infrastructure by enabling effective detection mechanisms, engineering automation solutions for scalable and efficient incident response, and continuously improving security operations. It also drives the adoption of AI-based capabilities to enhance detection quality, operational efficiency, and scalability of cyber defense solutions.

KEY ACCOUNTABILITIES:

• Operate, manage, and continuously improve cyber detection and response technologies, with a focus on Microsoft Defender for Endpoint and related Microsoft security stack
• Act as the L3 primary contact for operations, troubleshooting, and support of endpoint detection and response (EDR) solutions
• Design, implement, and optimize detection rules and use cases to identify cyber threats and attack patterns
• Develop and implement automation (e.g., SOAR use cases, scripting) to improve incident response efficiency and scalability
• Leverage AI and advanced analytics to enhance detection capabilities and automate security operations processes
• Contribute to the implementation and operationalization of security tools and services across the organization
• Collaborate with global security teams, IT teams, and vendors to enhance detection and response capabilities
• Provide expert guidance on detection strategies, tooling, and security best practices
• Support continuous improvement initiatives, including tuning detections, reducing false positives, and increasing coverage
• Contribute to security standards, policies, and operational procedures in the detection and response domain

WHAT WE ARE LOOKING FOR: REVIEW & ADAPT AS NEEDED

• College or university degree with focus on IT, Information Security, or equivalent combination of education and experience
• 7+ years of IT experience, including at least 4–5 years in an area related to cybersecurity, preferably in detection & response or security operations
• Strong interpersonal and communication skills. Fluent English skills (verbal and written)

Specific technical skills (role dependent):
o Strong experience with Microsoft security technologies, especially Microsoft Defender for Endpoint
o Experience in detection engineering (SIEM, EDR, XDR) and writing detection rules/use cases
o Hands-on experience with automation (e.g., scripting, SOAR platforms such as Microsoft Sentinel)
o Solid understanding of cyber attack techniques, frameworks (e.g., MITRE ATT&CK), and incident response processes
o Experience with log analysis, threat hunting, and security monitoring

Nice to have technical skills:
o Experience with AI/ML use cases in cybersecurity (e.g., anomaly detection, automated triage)
o Experience with cloud security (Azure Security, Microsoft Defender for Cloud)
o Knowledge of additional domains such as SIEM, SOAR, Vulnerability Management, or Application Security
o Scripting skills (Python, PowerShell)

• DevOps mindset with ownership of the IT process from development/testing to deployment phase
• Experience working in agile teams (Scrum/Kanban)
• Ability to cope with change, make decisions, and act comfortably when confronted with risk or uncertainty
• Proactivity and “team player” attitude, with strong problem solving skills, hands-on approach, and a growth mindset
• Passion for cybersecurity and continuous improvement, with a strong quality and automation mindset

WHAT IF I DON’T CHECK ALL THE BOXES?

It’s ok if some of the technology or terminology mentioned here are new for you. We’ll happily teach you.
At adidas, we’re keen to increase our team’s diversity of backgrounds and skills, and we’re more interested in the work you will produce than that work you’ve already produced in the past. If you’d love to work with us, then we’d love to hear from you.

MAIN TECHNOLOGIES WE USE:

• Microsoft Security Stack (Defender for Endpoint, Defender for Cloud Apps, Microsoft Sentinel)
• Endpoint Detection & Response (EDR/XDR)
• Security Information and Event Management (SIEM)
• Security Orchestration, Automation and Response (SOAR)
• Threat detection frameworks (MITRE ATT&CK)
• Automation & scripting (PowerShell, Python)
• AI-driven security analytics