Responsibilities
- Own daily security intake across alert queues and escalations.
- Investigate and resolve security events end-to-end.
- Pivot across various telemetry to build timelines and assess impact.
- Run investigations across non-uniform environments.
- Turn investigative patterns into durable improvements.
- Identify structural gaps and push for long-term fixes.
- Define containment criteria and coordinate investigation threads.
- Lead cross-team efforts to improve investigation quality.
Requirements
- 5+ years of experience in detection and response or security engineering.
- Strong investigative judgment across various security signals.
- Experience leading incidents end-to-end.
- Strong SQL and log-query/analysis skills.
- Current knowledge of attacker TTPs across multiple operating systems.
- Established AI development workflow experience.
- Experience building or maintaining security detections and workflows.
- An engineering mindset focused on automation and efficiency.
Benefits
- Remote work options.
- Medical insurance.
- Flexible time off.
- Retirement savings plans.
- Modern family planning support.
Tech Stack
- AWS
- Kubernetes
- Linux
- macOS
- SQL
- Windows