Senior Security Engineer, Detection and Response

About The Position

Requirements

• 5+ years of experience in detection and response, security engineering, or software engineering with a security focus
• Strong software engineering fundamentals with proficiency in Python, Go, Ruby, or similar languages, and experience working in production codebases
• Hands-on experience with cloud environments (AWS preferred), including services such as CloudTrail, GuardDuty, and VPC flow logs
• Experience with log aggregation and analysis platforms (e.g., Datadog, Splunk, ELK) and endpoint detection tools (e.g., SentinelOne, CrowdStrike)

Nice To Haves

• Experience building AI/LLM-powered security tooling or applying AI to detection, triage, or investigation workflows
• Experience with detection-as-code frameworks or building custom detection pipelines
• Familiarity with containerized environments (Docker, Kubernetes, ECS/EKS)
• Experience with threat intelligence, threat hunting, forensics, or attacker tradecraft frameworks such as MITRE ATT&CK

Responsibilities

• Design, build, and maintain detection-as-code capabilities across cloud infrastructure, SaaS applications, endpoints, and identity systems, improving coverage and signal quality through Data-Driven Decision Making
• Build automated investigation and response workflows that replace manual runbooks, leveraging AI First principles to scale triage, enrichment, containment, and remediation
• Develop and deploy AI/LLM-powered tooling to accelerate investigations, reduce alert fatigue, and extend team capacity beyond traditional headcount constraints, embedding AI First practices into daily workflows
• Lead and participate in incident response, including detection, investigation, containment, and retrospectives, applying First Principles Problem Solving to identify root causes and improve long-term resilience
• Partner cross-functionally with engineering and platform teams to expand logging, improve observability, and embed detection capabilities into the development lifecycle
• Continuously improve detection quality by analyzing alert performance, tuning for signal, and building feedback loops between incidents and detections using Data-Driven Decision Making
• Proactively identify gaps in visibility or coverage and translate ambiguous problem spaces into concrete detection and response solutions through First Principles Problem Solving
• Adapt quickly to evolving threats, tools, and priorities, helping the team maintain momentum and effectiveness through Change Agility

Benefits

• Health (medical, vision, dental), life, and disability insurance
• Equity stock options
• Retirement plans
• Paid public holidays and unlimited PTO
• Paid maternity and parental leave
• Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
• Employee Assistance Program