Security Engineer - Detection & Response

About The Position

Requirements

• 3+ years of hands-on security engineering experience and 5+ years of total engineering experience, with demonstrated impact in detection and incident response.
• Thrive in high-speed, high-ambiguity startup environments where you build security capabilities while responding to immediate threats.
• Deep technical expertise with security tooling including SIEM/SOAR platforms, EDR solutions, vulnerability scanners, and cloud security monitoring.
• Excel at solving problems in Python, Go, or similar languages, building automations that scale security impact.
• Proven ability to work effectively with cross-functional technical teams both with and without authority.
• Strong Linux systems experience in both bare metal and cloud environments, understanding infrastructure from kernel to application layer.
• Excellence at translating security concerns into business risk, enabling stakeholders to make informed decisions.

Nice To Haves

• You've built or contributed to detection engineering programs or incident response capabilities.
• Experience with threat intelligence platforms, threat hunting methodologies, or purple team exercises.
• Deep experience with specific SIEM platforms (Splunk, Elastic, Chronicle) or SOAR solutions.
• Experience driving or providing significant evidence for compliance audits, such as SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP.
• You've developed detection content shared with the security community (Sigma rules, YARA, etc.).
• Experience responding to incidents in both cloud (AWS, GCP, Azure) and bare metal environments.
• Security certifications like GCIH, GNFA, GCIA, or similar that demonstrate incident response expertise.
• Experience with forensics, malware analysis, or reverse engineering.
• Excitement about leveraging our direct access to state-of-the-art LLMs to enhance detection and response.

Responsibilities

• Qualify reports and lead response activities from initial triage through remediation and retrospective.
• Develop tools and workflows that accelerate incident response and reduce mean time to resolution.
• Drive prioritization and remediation of security findings across engineering teams in coordination with Security Technical Program Management.
• Participate in on-call rotation, ensuring rapid response to security events that threaten customer data or operations.
• Create and tune detection rules and alerts that identify threats across Lambda's infrastructure before they impact customers or revenue.
• Research and operationalize threat intelligence specific to AI infrastructure and Lambda's unique threat landscape.
• Proactively search for indicators of compromise and suspicious activity that automated detection might miss.
• Leverage Lambda's hosted LLMs to create AI-powered threat detection, automated triage, and intelligent alert correlation.
• Support periodic tabletop exercises and red team activities to test and improve detection coverage and response capabilities.

Benefits

• Health, dental, and vision coverage for you and your dependents.
• Wellness and Commuter stipends for select roles.
• 401k Plan with 2% company match (USA employees).
• Flexible Paid Time Off Plan that we all actually use.