Senior Detection Engineer

About The Position

Requirements

• Minimum of 6+ years in cybersecurity, with a focus on detection and response.
• Technical proficiency with protection of on-premise computing environments and proficiency with one or more major cloud computing environments.
• Strong expertise in incident handling and forensic investigation.
• Strong knowledge of the cyber threat landscape and ability to articulate and incorporate understanding of major threat categories, motivations, and intent of adversaries.
• Automation-first mindset and demonstrated expertise in mentoring and training peers in security engineering skill sets.
• Experience in at least one programming language (Python, Go, C, C++) or deep expertise using low-code automation tools or SOAR platforms.
• Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical understanding.
• Familiarity with modern infrastructure tools, such as Docker, Kubernetes, Ansible, Cloud Formation, Terraform.
• Experience with Unix/Linux environments.
• Self-motivated, with good communication and writing skills.
• Must be able to pass a background check.
• Embody the Company values

Nice To Haves

• Experience building and scaling open source security observability solutions

Responsibilities

• Develop and execute a comprehensive security operations strategy that aligns with organizational goals, ensuring robust protection against current and future cyber threats.
• Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.
• Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.
• Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.
• Continuously tune alerting rules to reduce false positives and enhance our signal-to-noise ratio.
• Perform forensics and lead response efforts during security incidents, including triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.
• Drive the advancement and growth of detection and automation initiatives.
• Manage security event monitoring, management, response workflows, and tasks.
• Improve security operations by developing measurement capabilities and metrics to track and communicate performance, coverage, and risk.
• Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
• Create, maintain, and manage a library of automated playbooks to address new threats and tactics employed by attackers.
• Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of services being delivered.
• Support ongoing security compliance, audit, and certification programs (e.g., HIPAA, SOC 2).

Benefits

• Industry competitive pay
• Restricted Stock Units in a fast growing, well-funded technology company
• Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
• Employer contributions to HSA accounts
• Paid Parental Leave
• Paid life insurance, short-term and long-term disability
• Teladoc
• 401(k) with a 100% match up to 4% of salary
• Generous paid time off and holiday schedule
• Cell phone reimbursement
• Tuition reimbursement
• Subscription to the Calm app
• MetLife Legal
• Company paid commuter benefit; $300 per month