Security Response Engineer, Detection Engineering - Remote

Overview

As a Security Response Engineer, you’ll lead our detection engineering efforts and the infrastructure that powers it, while contributing to Threat Management’s shared operational duties.

In Short

• Own detection engineering as a product: set the roadmap and drive measurable outcomes
• Build and run telemetry pipelines
• Establish team-wide standards: lead the standardization of internal security tooling, infrastructure deployment strategy, and access methods
• Proactively identify and implement areas of improvement and modernization
• Shape our EDR/SIEM strategy: act as a key stakeholder in evaluations, migrations, and architecture decisions
• Join the team's on-call rotation to assist in writing, tuning, and triaging detections, as well as coordinating the response to security incidents

Requirements

• Experience leading detection engineering efforts (logging pipelines, enrichment/automation, quality monitoring)
• Hands‑on experience managing and deploying security infrastructure and tooling (IaC, containerization, remote access)
• Track record of authoring and tuning detections across endpoint, cloud, identity, and/or network telemetry
• Operational rigor: served in a security on‑call rotation and acted as incident coordinator for high‑severity events
• Led a cross-functional initiative to ship a security-related capability
• Previous coding experience (Python, Go, Rust, or similar)

Benefits

• Remote-first work environment
• Opportunities for professional growth and development
• Collaborative and innovative team culture
• Participation in key security projects
• Flexible working hours