Job Title

The Opportunity We are seeking an experienced Senior Security Engineer, Detection & Response to join our dynamic security team. In this role, you will provide Level 2 support to our managed Security Operations Center (SOC), monitoring and analyzing security alerts and emerging threats across our corporate, cloud, and production environments to identify and respond to potential security incidents and critical vulnerabilities. You'll work closely with the broader security team, IT department, and other engineering teams to develop a strong understanding of our ecosystem. This knowledge will enable you to effectively serve as an Incident Commander when required and coordinate incident resolution with cross-functional teams to ensure 24/7 coverage. Your comprehensive understanding will aid in threat hunting and forensic investigations to uncover indicators of compromise and patterns of malicious activity. Additionally, you'll fine-tune and develop detection rules, configurations, custom playbooks, and automations tailored to our environment in collaboration with our managed SOC. In vulnerability management, you will monitor security advisories and threat intelligence feeds while driving proactive actions throughout the organization. Your collaboration with cross-functional teams will be essential in proactively detecting and responding to security threats, ensuring the overall security of our digital assets. What You'll Do Security Operations Duties: Provide Level 2 support to a managed SOC and monitor security alerts and events from various sources, including corporate tools, WAF, security information and event management (SIEM) systems, and AWS to identify potential security incidents, intrusions, and vulnerabilities Conduct threat hunting and perform forensic investigations to identify indicators of compromise (IOCs) and patterns of malicious activity Coordinate and manage incident resolution with cross-functional teams, including acting as Incident Commander during incidents to help provide 24/7 coverage with other team members Support Cloud Detection & Response platforms to enable various automated notification and containment workflows Detection Engineering: Fine-tune and develop detection rules, configurations, and automations based on new threats, lessons learned, or environmental changes Work with the managed SOC to develop custom playbooks Write scripts and develop custom tools to automate detection and response processes where possible, adhering to SSDLC best practices Identify gaps in logging coverage to ensure maximum visibility into potential threats Manage cloud security products for web application security, including WAF rules and DDoS protection Collaborate with cross-functional teams to proactively detect and respond to potential security threats, ensuring the overall security of our organization's digital assets Vulnerability Management: Monitor security advisories, threat intelligence feeds, and vendor updates for critical threats and drive appropriate actions within the enterprise/product organization About You Education & Experience: Bachelor's degree in Computer Science, Information Security, or a related field Minimum of 5-7 years of experience in a SOC analyst or security operations role Technical Skills: Proficiency in programming and relevant scripting languages such as Python, JavaScript, Bash, and PowerShell Experience with AWS security services and best practices Familiarity with cloud security tools, identity management systems, and endpoint protection platforms Understanding of network protocols, firewalls, and intrusion detection systems Write to to get connected!