Senior Threat Detection and Response Engineer

American Express Global Business Travel
$104,300 - $193,700
Remote

About The Position

Amex GBT is seeking a Senior Detection Engineer to join their Cyber Defense organization. This is a fully remote, US-based role with a preference for candidates in the western United States. The engineer will be a core technical contributor on a diverse, globally distributed team of 20 cybersecurity professionals, working alongside a SecOps AI engineering team and mentoring a junior detection engineer. This role owns the full detection engineering lifecycle, from threat intelligence and hunt operations through detection-as-code development, automation, and critical incident response. The ideal candidate is energized by building detection capabilities from the ground up, thrives in a fast-paced SOC environment, and is dedicated to their craft.

Requirements

  • Experience designing, building, and maintaining detection logic using CrowdStrike EDR telemetry.
  • Experience developing and operationalizing detection-as-code, including custom queries and correlation rules.
  • Experience conducting cyber threat intelligence (CTI) analysis and proactive threat hunting.
  • Experience tuning and improving detection fidelity.
  • Experience building and maintaining automated response workflows and playbooks.
  • Experience collaborating with AI engineering teams on detection and response pipelines.
  • Experience managing detection content and automation code in GitHub, applying software engineering best practices.
  • Proficiency in writing Python scripts for automation, data parsing, and detection development.
  • Experience serving as a senior technical resource for critical incident response.
  • Experience applying digital forensics and incident response (DFIR) expertise.
  • Experience developing and refining incident response playbooks and post-incident documentation.
  • Experience mentoring junior engineers.
  • Experience delivering cybersecurity training.
  • Experience generating platform performance reports and contributing to strategic planning.
  • Experience evaluating emerging security technologies and conducting proof-of-concept assessments.

Nice To Haves

  • Preference for candidates located in the western United States (West Coast or Rocky Mountain region).

Responsibilities

  • Design, build, and maintain detection logic using CrowdStrike, leveraging its EDR telemetry to identify advanced threats.
  • Develop and operationalize detection-as-code, including custom queries and correlation rules.
  • Conduct cyber threat intelligence (CTI) analysis and proactive threat hunting to surface novel attack patterns.
  • Continuously tune and improve detection fidelity, reducing false positives and improving signal quality.
  • Build and maintain automated response workflows and playbooks in Tines.
  • Collaborate with the SecOps AI engineering team to integrate AI-driven capabilities into detection and response pipelines.
  • Manage detection content and automation code in GitHub, applying software engineering best practices (version control, code review, CI/CD).
  • Write Python scripts to extend automation, parse data, and support detection development.
  • Serve as a senior technical resource for critical incident response, including after-hours and weekend escalations for high and critical severity events.
  • Apply digital forensics and incident response (DFIR) expertise to investigate, contain, and remediate security incidents.
  • Develop and refine incident response playbooks and post-incident documentation.
  • Lead or support SOC incident management in the absence of the manager.
  • Mentor and develop a junior detection engineer through regular guidance, code review, and knowledge sharing.
  • Deliver monthly cybersecurity training sessions for the broader team.
  • Generate monthly platform performance reports and contribute to strategic planning discussions.
  • Evaluate emerging security technologies and contribute to proof-of-concept assessments.

Benefits

  • Health and welfare insurance plans
  • Retirement programs
  • Parental leave
  • Adoption assistance
  • Wellbeing resources
  • Travel perks (deals on flights, hotels, cruises, car rentals)
  • Access to over 20,000 courses on a learning platform
  • Leadership courses
  • New job openings available to internal candidates first
  • INclusion Groups for connecting with colleagues
© 2026 Teal Labs, Inc