Security Engineer - Detection & Response - Remote

Overview

You are an AI-powered Security Engineer responsible for identifying and responding to malicious or suspicious activity across our environment with speed and confidence. This role leads the engineering work behind these capabilities—designing scalable systems to detect threats and trigger automated responses. You will integrate AI into detection and response workflows to accelerate rule development, streamline enrichment, and reduce investigation time, with human validation ensuring precision and alignment.

As a cloud-first SaaS company relying on a broad portfolio of SaaS tools, we generate large volumes of event data across identity, endpoint, infrastructure, and collaboration systems. The scale and complexity of this telemetry demand improved detection engineering and automation.

This is a platform engineering role focused on building and operating a modern detection pipeline integrated with security automation workflows. You will use Python, structured data, and widely adopted frameworks for mapping adversary behaviors and response logic to drive faster, more effective security outcomes. This role is not a support or triage position but a strategic contributor to our security infrastructure.

In Short

• Implement and operate detection systems including a scalable cloud-native SIEM platform.
• Develop and maintain detection coverage maps aligned to MITRE ATT&CK techniques.
• Leverage AI to accelerate detection rule creation and conduct AI-assisted threat hunting.
• Build detection observability tools and dashboards to monitor rule effectiveness.
• Design and implement SOAR workflows and automated response playbooks.
• Lead incident response activities and drive continuous improvement of runbooks.
• Collaborate cross-functionally with engineering and business stakeholders.
• Work in a fully remote environment.
• Contribute to innovative security solutions.
• Be part of a team that values personal responsibility and impact.

Requirements

• 5+ years in security engineering or threat-focused automation roles.
• Strong knowledge of MITRE ATT&CK framework and detection logic.
• Hands-on experience with SIEM platforms.
• Strong Python scripting skills.
• Experience with structured data formats like JSON and YAML.
• Familiarity with AWS and cloud-native telemetry.
• Understanding of event-driven architecture.
• Ability to use AI tools for detection rule development.
• Comfortable working autonomously.
• Experience with detection-as-code practices preferred.

Benefits

• Competitive USD Compensation.
• 100% Remote (Home Country Only).
• Flexible Time Off.
• Local Holiday Pay.
• Continuous Learning opportunities.
• Access to cutting-edge AI tools.
• Feedback-rich, collaborative culture.
• Make a global impact in education.