Xai
Detection & Response Engineer
Xai, San Francisco, California, United States, 94199
About the Role
We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure. You will play a key part in safeguarding our innovative technologies and sensitive data.Ideal ExperienceMonitor and analyze security alerts and logs to identify potential threats and anomaliesDevelop, implement, and maintain detection rules and correlation logic in our SIEM platformConduct thorough investigations of security incidents, performing root cause analysis and impact assessmentsLead incident response efforts, coordinating with relevant teams to contain and mitigate threatsCreate and maintain incident response playbooks and runbooksPerform regular threat hunting activities to proactively identify potential security risksDevelop and refine metrics and reporting to track the effectiveness of detection and response capabilitiesCollaborate with other security teams to improve overall security posture and incident handling processesStay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domainsRequirementsBachelor's degree in Computer Science, Cybersecurity, or a related field3-5 years of experience in security operations, incident response, or a similar roleStrong understanding of cybersecurity principles, attack techniques, and defensive strategiesProficiency in at least one scripting language (e.g., Python, Rust) for automation and tool developmentExperience with SIEM platforms and log analysis toolsFamiliarity with cloud environments (e.g., AWS, GCP, Azure) and their security featuresKnowledge of network protocols, system administration, and common attack vectorsStrong analytical and problem-solving skills with attention to detailExcellent communication skills and ability to work effectively under pressurePreferred QualificationsRelevant security certifications (e.g., GCIH, GCIA, SANS)Experience with threat intelligence platforms and their integration into detection processesFamiliarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10Knowledge of software supply chain security and SBOM analysisExperience with containerized environments and Kubernetes securityBonus SkillsExperience in building custom security tools or integrations to enhance detection and response capabilitiesInterest in leveraging AI to improve threat detection and automate response processesContributions to open-source security projects or threat researchExperience with digital forensics and malware analysisAnnual Salary Range
$180,000 - $440,000 USD
California Consumer Privacy Act (CCPA) Notice
We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure. You will play a key part in safeguarding our innovative technologies and sensitive data.Ideal ExperienceMonitor and analyze security alerts and logs to identify potential threats and anomaliesDevelop, implement, and maintain detection rules and correlation logic in our SIEM platformConduct thorough investigations of security incidents, performing root cause analysis and impact assessmentsLead incident response efforts, coordinating with relevant teams to contain and mitigate threatsCreate and maintain incident response playbooks and runbooksPerform regular threat hunting activities to proactively identify potential security risksDevelop and refine metrics and reporting to track the effectiveness of detection and response capabilitiesCollaborate with other security teams to improve overall security posture and incident handling processesStay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domainsRequirementsBachelor's degree in Computer Science, Cybersecurity, or a related field3-5 years of experience in security operations, incident response, or a similar roleStrong understanding of cybersecurity principles, attack techniques, and defensive strategiesProficiency in at least one scripting language (e.g., Python, Rust) for automation and tool developmentExperience with SIEM platforms and log analysis toolsFamiliarity with cloud environments (e.g., AWS, GCP, Azure) and their security featuresKnowledge of network protocols, system administration, and common attack vectorsStrong analytical and problem-solving skills with attention to detailExcellent communication skills and ability to work effectively under pressurePreferred QualificationsRelevant security certifications (e.g., GCIH, GCIA, SANS)Experience with threat intelligence platforms and their integration into detection processesFamiliarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10Knowledge of software supply chain security and SBOM analysisExperience with containerized environments and Kubernetes securityBonus SkillsExperience in building custom security tools or integrations to enhance detection and response capabilitiesInterest in leveraging AI to improve threat detection and automate response processesContributions to open-source security projects or threat researchExperience with digital forensics and malware analysisAnnual Salary Range
$180,000 - $440,000 USD
California Consumer Privacy Act (CCPA) Notice