Senior Security Engineer, Detection & Response - Remote

Overview

Marqeta is seeking a Canada-based Senior Security Engineer to join our Security Operations & Response Team. In this senior-level role, you’ll serve as a key technical leader, driving complex incident response efforts, developing advanced detection capabilities, and mentoring junior team members. You’ll play a critical role in evolving our detection engineering program through proactive threat hunting, automation, and strategic collaboration across the business to strengthen our overall security posture. This position requires deep expertise in enterprise security tools, threat intelligence, and cloud technologies, along with the ability to lead initiatives and produce robust security documentation. The role includes participation in a 24x7 on-call rotation and spans both hands-on response and long-term program development. Reporting to the Manager of Security Operations & Response, this position follows our Flexible First approach and can be based remotely anywhere in Ontario or British Columbia.

In Short

• Serve as a primary security responder, leading the triage and investigation of complex security alerts as part of the Security Operations & Response team
• Participate in 24x7x365 on-call rotations, providing senior-level expertise and escalation support for security events, alerts, and incidents
• Lead technical response efforts as a core member of the Cybersecurity Incident Response Team during security incidents
• Engineer and maintain sophisticated detection logic across multiple data sources to identify persistent threats and anomalous behavior patterns
• Design and implement comprehensive detection coverage mapping, documenting capabilities and identifying blind spots in the threat landscape
• Develop and track key performance indicators, including metrics pertaining to detection effectiveness, false positive rates, mean time to detect, respond, and recover in collaboration with leadership
• Develop and maintain comprehensive incident response runbooks, standard operating procedures, and technical documentation to ensure consistent and effective response operations
• Mentor junior team members in security operations best practices, detection engineering techniques, and incident response methodologies
• Build automation workflows and orchestration playbooks that enhance detection engineering processes, threat hunting operations, and incident response procedures
• Conduct proactive threat hunting campaigns using hypothesis-driven methodologies to uncover hidden threats in corporate and production environments
• Continuously evaluate and optimize existing detection rules through threat modeling, ensuring coverage evolves with the changing attack landscape

Requirements

• 5+ years of hands-on experience in security operations with deep expertise in detection engineering, threat hunting, incident response, digital forensics, and/or threat intelligence
• Intellectual curiosity with a passion for understanding emerging threats, analyzing attack patterns, and continuously learning about evolving security landscapes and adversary tactics
• Strong investigative instincts that compel you to dig deeper into anomalies, follow evidence trails, and reconstruct complex security incidents from fragmented data
• Commitment to proactive learning and staying ahead of evolving threats by researching emerging attack techniques and sharing insights with the security team
• Solid technical foundation in security concepts and technologies, with hands-on experience using enterprise security tools including EDR, SIEM, and SOAR platforms
• Proficiency with threat intelligence frameworks such as MITRE ATT&CK and their application in assessing detection capabilities and coverage gaps
• Expertise in developing new threat detection use cases based on security telemetry analysis, environment baselining, actionable threat intelligence, and incident response findings
• Ability to identify detection coverage gaps across global infrastructure and collaborate with stakeholders to enhance visibility through improved logging and detection content
• Strong understanding of AWS cloud services and containerization technologies
• Experience with infrastructure as code tools such as Terraform

Benefits

• Multiple health insurance options
• Flexible time off – take what you need
• Retirement savings program with company contribution
• Equity in a publicly-traded company
• Monthly stipend to support our remote work model
• Annual “development dollars” to support our people growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave