Detection & Response Engineer

About the Role

We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure. You will play a key part in safeguarding our innovative technologies and sensitive data.

Ideal Experience

1. Monitor and analyze security alerts and logs to identify potential threats and anomalies
2. Develop, implement, and maintain detection rules and correlation logic in our SIEM platform
3. Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments
4. Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats
5. Create and maintain incident response playbooks and runbooks
6. Perform regular threat hunting activities to proactively identify potential security risks
7. Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities
8. Collaborate with other security teams to improve overall security posture and incident handling processes
9. Stay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domains

Requirements

1. Bachelor's degree in Computer Science, Cybersecurity, or a related field
2. 3-5 years of experience in security operations, incident response, or a similar role
3. Strong understanding of cybersecurity principles, attack techniques, and defensive strategies
4. Proficiency in at least one scripting language (e.g., Python, Rust) for automation and tool development
5. Experience with SIEM platforms and log analysis tools
6. Familiarity with cloud environments (e.g., AWS, GCP, Azure) and their security features
7. Knowledge of network protocols, system administration, and common attack vectors
8. Strong analytical and problem-solving skills with attention to detail
9. Excellent communication skills and ability to work effectively under pressure

Preferred Qualifications

1. Relevant security certifications (e.g., GCIH, GCIA, SANS)
2. Experience with threat intelligence platforms and their integration into detection processes
3. Familiarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
4. Knowledge of software supply chain security and SBOM analysis
5. Experience with containerized environments and Kubernetes security

Bonus Skills

1. Experience in building custom security tools or integrations to enhance detection and response capabilities
2. Interest in leveraging AI to improve threat detection and automate response processes
3. Contributions to open-source security projects or threat research
4. Experience with digital forensics and malware analysis

Annual Salary Range

$180,000 - $440,000 USD

Benefits

1. 401(k)
2. Distributed team
3. Async
4. Vision insurance
5. Dental insurance
6. Medical insurance
7. Unlimited vacation
8. Paid time off
9. 4 day workweek
10. 401k matching
11. Company retreats
12. Coworking budget
13. Learning budget
14. Free gym membership
15. Mental wellness budget
16. Home office budget
17. Pay in crypto
18. Pseudonymous
19. Profit sharing
20. Equity compensation
21. No whiteboard interview
22. No monitoring system
23. No politics at work
24. We hire old (and young)

Location

San Francisco Bay Area, California, United States #J-18808-Ljbffr