Threat and Incident Response - Senior Security Engineer

Lula, a Series A, VC-backed insurtech startup based in Miami, FL, is seeking a Security Engineer to join their team. As a Security Engineer, you will be responsible for developing, refining, and applying detection and incident response playbooks. Your role will involve performing oncall duties to triage detection and incident response events, analyzing data from various sources to identify security events, and improving detection capabilities. This is an exciting opportunity to contribute to Lula's mission of revolutionizing the insurance industry by integrating insurance seamlessly into businesses.

• Develop, apply, and refine detection and incident response playbooks
• Perform oncall duties triaging detection and incident response events
• Analyze data from disparate sources, correlating noise into security events
• Improve detection

• Experience in performing detection and incident response engineering
• Ability to operate and build tools and detections for catching and containing incidents
• Proficiency in Linux, macOS, and detection and response capabilities
• Strong analytical skills for analyzing data from different sources and correlating them into security events
• Prior experience in developing, applying, and refining detection and incident response playbooks
• Willingness to perform on-call duties for triaging detection and incident response events
• Ability to improve detection capabilities
• Vision and ability to implement and enable a detection and response program

• Develop, apply, and refine detection and incident response playbooks
• Perform oncall duties triaging detection and incident response events
• Analyze data from disparate sources, correlating noise into security events
• Improve detection workflows with automation and alert enrichments
• Write detection rules to identify threats specific to our environment
• Share knowledge and experience with peer teams and engineers
• 8+ years experience as a security engineer in related domains
• Experience in operational teams or responsible as the first responder to security incidents
• Knowledge of operating systems, file systems, and memory on OS X, Linux, Windows, or iOS/Android.
• Coding or scripting proficiency in one or more languages
• Experience improving operational teams capabilities/KPI's
• Practical experience with attacker tactics, techniques, and procedure