about 4 hours ago
Base Salary
$265k - $310k/yr
Responsibilities
- Own the design and evolution of threat detection and security operations capabilities.
- Define detection strategy across cloud infrastructure, applications, and endpoints.
- Establish and improve SIEM and monitoring architecture.
- Design and implement detection-as-code practices.
- Drive visibility across all critical assets.
- Take ownership of endpoint security monitoring.
- Lead the design and rollout of automated security controls.
- Define alerting strategy, including severity models and escalation paths.
- Lead investigations into complex security signals.
- Partner with engineering teams to improve instrumentation.
- Define and track key metrics like MTTD and MTTR.
- Mentor and guide other engineers in detection and security operations.
Requirements
- 6+ years of experience in Security Engineering, SRE, or Infrastructure Engineering with a strong security focus.
- Proven experience designing or improving security monitoring, detection, or SIEM systems.
- Strong understanding of cloud environments, ideally AWS.
- Experience with endpoint detection and response tools like SentinelOne.
- Deep experience with logs, events, and telemetry for high-signal detections.
- Strong programming or scripting skills in Python, Go, or similar.
- Understanding of attacker behavior and translating threats into detection strategies.
- Experience defining alerting models and reducing noise.
- Ability to operate in ambiguous environments.
- Strong cross-functional communication skills.
- A pragmatic, outcome-oriented mindset.