Senior Manager, Phishing-Takedown

Job Title - Senior Manager, Phishing-Takedown

About the Role

We are seeking a seasoned and strategic Senior Manager to lead the phishing takedown function within a cybersecurity or trust & safety organisation. This role will be responsible for overseeing the full lifecycle of phishing incident detection, partner-relationship management (registrars, hosting providers, platforms), rapid takedowns, process refinement and team leadership. The successful candidate will ensure that threats to the organisations brand, customers and digital ecosystem are mitigated swiftly, effectively and globally.

Key Responsibilities

Develop and execute the global strategy for phishing takedown operations: define SLAs (e.g., domain/URL takedown within hours), workflows, escalation paths and performance metrics.

Lead and manage the team responsible for phishing takedown and abuse remediation: set objectives, mentor staff, manage budgets and drive continuous improvement.

Establish and maintain strong relationships with external stakeholders: domain registrars, TLD/ccTLD registries, hosting/CDN providers, law-enforcement liaisons, platform abuse desks and technology partners.

Negotiate outlines of understanding (MOUs), priority takedown agreements, data-sharing or API access with external partners to ensure rapid response capabilities.

Oversee the end-to-end takedown process: from detection/triage of phishing sites, verification, partner engagement, takedown execution, confirmation and reporting.

Collaborate with threat intelligence, SOC, product, legal/compliance and security operations teams to align takedown efforts with broader incident response and brand-protection programmes.

Monitor phishing and digital-abuse trends (domains, impersonation sites, malicious apps, social-media abuse) and use insights to refine strategy, tooling and workflows.

Ensure accurate tracking and reporting of KPIs: takedown time, success rates, volumes, partner performance, cost per case, escalations and residual risk.

Drive automation, tooling and process optimisation: build or refine internal platforms, integrate detection feeds, develop dashboards and enable scaling of operations.

Ensure compliance with relevant laws, internet governance frameworks (ICANN, registrars policies), data-protection, evidence-handling and audit readiness.

Qualifications & Experience

Bachelors degree in Cybersecurity, Information Technology, Computer Science or a related field. Masters or relevant certification (CISSP, CEH) is a plus.

Minimum 710 years professional experience in phishing takedown, abuse response, brand-protection, trust & safety or cybersecurity operations with proven leadership experience.

Demonstrable experience working with domain registrars/TLDs, hosting/CDN providers, abuse desks, WHOIS/DNS processes, registrar/registry policy, and takedown workflows.

Proven success in managing high-volume takedowns, setting and meeting SLAs, partner management and contract negotiation.

Strong stakeholders/partner-management skills and ability to influence external organisations (registrars, platforms, governments).

Excellent analytical and problem-solving skills; comfortable interpreting detection/incident-data and driving action.

Outstanding communication skills (verbal & written) with ability to engage senior leaders, partners and cross-functional teams.

Familiarity with automation tooling, CI/CD of takedown workflows, dashboards/metrics and threat-intelligence integration.

Key Competencies & Behaviours

Strategic mindset: able to design and implement takedown strategy aligned with business objectives.

Results-oriented: focused on measurable outcomes rapid takedown, reduced risk exposure, partner performance improvements.

Leadership & team building: able to mentor the team, drive high performance and create a culture of continuous improvement.

Influential partner manager: builds trust and credibility with external and internal stakeholders.

Adaptable and resilient: comfortable handling high-pressure incidents, evolving threat landscapes and global operations.

Ethical and trustworthy: ensures high standards of confidentiality, integrity and compliance in all operations.

What We Offer

Competitive salary and performance-based incentives aligned with experience and outcomes.

Opportunity to play a critical leadership role in protecting brand, customers and digital assets from phishing and online abuse.

Exposure to cutting-edge cybersecurity operations, global partner networks and high-impact programmes.

A collaborative, growth-oriented environment with opportunity to shape our takedown strategy and operational architecture.

Apply now!