Security Engineer, Detection and Response

What You'll Achieve

• Design and maintain high-signal detections across cloud, identity, endpoints, and SaaS environments.
• Build and improve the detection platform, including rule lifecycle management, tuning, measurement, and rollout safety.
• Develop tooling and automation that accelerate triage, enrichment, investigation, and detection authoring, including LLM-based workflows where useful.
• Translate threat intelligence and adversary TTPs into durable detections, telemetry requirements, and response improvements.
• Participate in investigations, incident response, and postmortems that drive long-term security improvements.
• Define and track key metrics such as coverage, MTTD, and alert quality to guide investment decisions.
• Participate in a shared on-call rotation for incident response.

Skills You'll Need to Bring

• 6+ years of experience in detection engineering, security operations, incident response, or threat hunting.
• Built and operated production detections with strong signal quality and sustainable tuning processes.
• Fluent in one or more detection languages such as Sigma, KQL, SPL, YARA-L, EQL, or Panther.
• Offensive security mindset with experience leading purple team, blue team, or adversary emulation exercises that improved detections and telemetry.
• Strong cloud security experience in AWS, GCP, or Azure, including identity-focused attack detection.
• Hands-on with SIEM, EDR, and SOAR platforms in large-scale environments.
• Communicate clearly through design docs, runbooks, and incident reports, and can drive projects independently.

Nice to Have

• Experience applying LLMs or agent-style tooling to security workflows.
• Experience securing AI-enabled systems or endpoint tooling.
• Kubernetes or container detection experience.
• Background in threat intelligence, malware analysis, or digital forensics.
• Contributions to the detection engineering community through research, tooling, or talks.
• Experience at a high-growth startup or AI company.