Security Engineer

About the Role

You will design and implement security controls and detections for cloud and endpoint environments. You will perform threat hunting and investigations using telemetry from cloud services, endpoints, and internal systems. You will respond to security incidents, including complex and low-signal cases involving novel attacker techniques. You will use Python or JavaScript/Node.js to research attacker behavior, develop advanced detections, automate investigations and response workflows, and integrate security tools and data sources. You will work closely with DevOps, Infrastructure, IT, and Engineering teams to embed security into systems and workflows, evolve incident response playbooks, and participate in a security on-call rotation.

Requirements

  • 3+ years of experience in a Security Engineer, Detection & Response, Security Operations, or similar hands-on security role
  • Experience with at least one major cloud provider (AWS, GCP, or Azure)
  • Hands-on experience using a SIEM or centralized logging platform for detection, threat hunting, and investigations
  • Proficiency using Python or JavaScript/Node.js for security engineering tasks, including research, automation, detections, and integrations
  • Strong experience working in Linux-based environments
  • Solid understanding of incident response fundamentals and common attacker techniques across cloud and endpoint environments
  • Experience with endpoint detection and response (EDR) technologies
  • Experience collaborating closely with DevOps and software engineering teams
  • Background in application security, including CI/CD risks, dependency attacks, and secrets exposure
  • Exposure to threat intelligence and applying it to detections or investigations
  • Experience operating in high-threat or highly adversarial environments

Responsibilities

  • Design, implement, and improve security controls and detections in cloud environments
  • Perform threat hunting and investigations using telemetry from cloud services, endpoints, and internal systems
  • Respond to security incidents, including complex and low-signal cases involving novel attacker techniques
  • Use Python or JavaScript/Node.js to research attacker behavior, develop advanced detections, and automate investigations and response workflows
  • Configure, extend, and integrate security tools and data sources
  • Collaborate with DevOps, Infrastructure, IT, and Engineering teams to embed security into systems and workflows
  • Evolve incident response playbooks, detection strategies, and security processes
  • Participate in a security on-call rotation

Security Engineer at StarkWare | JobStash