Staff Security Engineer - Detection and Response

What we're looking for:

• Minimum 7 years of experience in a security role with a focus on Detection Engineering, Incident Response, Digital Forensics and/or Threat Intelligence
• Experience leading and collaborating on complex and ambiguous cross-functional projects from design through implementation
• Expertise in leading security incidents to resolution with various incident responders and stakeholders
• Experience in building logging pipelines for log ingestion into a centralized system
• Expertise in SIEM and SOAR solutions for building behavior based detections and security automations
• Experience with Detection-as-Code to automate detection engineering workflows
• Experience with EDR, IDS/IPS and forensic analysis tools on various operating systems
• Strong understanding of current threat landscape and threat actor TTPs
• Experience with threat hunting and analyzing logs to identify potential security or privacy impacts
• Experience deploying cloud services (e.g., AWS, GCP) and a strong understanding of cloud security principles
• Proficiency in scripting and programming languages (e.g., Python, Bash) for automation and tool development
• Experience with software development lifecycle, project management, Terraform and CI/CD in GitLab or GitHub
• Excellent communication skills with a drive for collaboration and leveling up team members
• Bonus: Relevant certifications such as CEH, OSCP, GSOC, GCIH, GCDA or equivalent.

What you can expect:

• Lead the design, development, and implementation of detection and response processes for all of Security
• Operate as a technical leader by helping define the Detection and Response team roadmap through collaboration with the manager
• Define the scope, timeline, milestones and success criteria for projects, ensuring deliverables are met and in alignment with Security OKRs
• Build strong relationships with partner and stakeholder teams in order to advise on improvements to detection capabilities and response procedures
• Manage security incidents through the incident response process from identification to resolution
• Design and build systems to automate security processes and workflows to improve efficiency and scalability
• Participate in an on-call rotation with potential for work on nights or weekends in the event a significant security issue is identified
• Partner with developers, engineers and other departments to review and address security issues
• Develop and maintain threat intelligence sources to stay informed about emerging threats and attack vectors
• Write and execute response playbooks that can be utilized by all members of the team
• Mentor and train team members to uphold a high team standard
• Participate in security audits, vendor assessments and security tabletop exercises
• Be a subject matter expert on the team’s security tooling, processes and procedures