Senior Detection and Response Engineer

AlphaSense

Location:
United States

Contract Type:
Not provided

Salary:

128000.00 - 161000.00 USD / Year

Job Description:

The Senior Detection and Response Engineer is a critical technical role responsible for driving the organization's defensive security capabilities across detection engineering, security orchestration, automation, and response (SOAR), and co-leading the organization's threat hunting program. This role is crucial for integrating new threat intelligence into high-fidelity detections and automating incident response processes to maximize team efficiency and response speed.

Job Responsibility:

  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM, EDR, and Cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
  • Develop automated containment actions (account disable, host isolation, firewall rule updates)
  • Measure and report automation ROI, tracking metrics like time saved and incident handling efficiency
  • Handle Incident Response processes and procedures as needed
  • Co-lead the organization's threat hunting program with the SOC Manager, defining strategy, methodology, and campaign planning
  • Execute proactive threat hunting campaigns by conducting hunt queries across SIEM and EDR platforms
  • Analyze large datasets to identify anomalous behavior patterns including user behavior, process execution, network traffic, and cloud activity
  • Develop hunting automation and tooling using custom Python scripts, Jupyter Notebooks, Osquery, and Velociraptor
  • Collaborate with threat intelligence sources to incorporate latest TTPs into hunting campaigns

Requirements:

  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences

Nice to have:

  • Experience with YARA-L
  • Deep familiarity with Detection Frameworks and detection engineering quality frameworks
  • Proven track record implementing SOAR platforms from architecture through operationalization, with experience evaluating multiple platforms
  • Advanced knowledge of CrowdStrike Falcon platform including custom IOA rules
  • Background in purple team activities, adversary emulation, or red teaming
  • Experience with CI/CD practices for detection-as-code and automation-as-code
  • Contributions to open-source security projects or security certifications (GCDA, GCIH, GCIA, GCFA, OSCP, or equivalent)
  • Knowledge of security data lakes (Snowflake, BigQuery) and experience with threat intelligence platforms (TIP)
  • Published research, blog posts, or conference presentations on detection engineering, automation, or threat hunting topics

What we offer:

  • performance-based bonus
  • equity
  • a generous benefits program

Additional Information:

Job Posted:
February 03, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Senior Detection and Response Engineer

Senior Threat Detection Engineer

We’re expanding our Threat Detection Engineering team at Atlassian and looking f...
Location:
United States, San Francisco

Salary:
146300.00 - 235000.00 USD / Year

Atlassian

Expiration Date:
Until further notice

Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Detection Engineering roles
  • Experience building advanced data analytics and ML based detection models to identify complex threats
  • Experience building effective detection capabilities to modern cloud environments
  • Experience using common programming languages to build automation
  • Experience identifying threats through proactive threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience successfully delivering complex projects
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility:
  • Develop advanced threat detection mechanisms using complex data analytics and machine learning models that can effectively identify and raise alerts for any adversarial or high-risk behaviors within Atlassian's systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Deploy new detection technologies to continuously uplift and improve our detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence to establish and maintain meaningful security alerts
  • Work closely with these teams to ensure security alerts are relevant, actionable, and aligned with the overall security strategy
  • Collaborate closely with Product Engineering, Data Platform, and Security Engineering teams to advance our detection coverage and tooling in our production cloud environments
  • Automate complex security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer:
  • health and wellbeing resources
  • paid volunteer days

Employment Type:
Fulltime

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location:
Canada, Vancouver; Calgary; Toronto

Salary:
146200.00 - 197800.00 CAD / Year

Clio

Expiration Date:
Until further notice

Requirements:
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility:
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer:
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years

Employment Type:
Fulltime

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location:
Singapore, Singapore

Salary:
Not provided

Marriott Bonvoy

Expiration Date:
Until further notice

Requirements:
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • Scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • Offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • Use case development experience on the Exabeam platform preferred
  • Working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • Working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility:
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications, and share that knowledge with peers as appropriate
  • Document prospective security monitoring use cases with MITRE ATT&CK mappings using standard templates and methodologies
  • Inform and consult other cyber ops teams on required data onboarding and integrations for use case development
  • Develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • Solicit feedback on pre-production security monitoring content through a peer review process and user acceptance testing for tuning
  • Document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • Manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • Provide governance support for the content development function, entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • Service operational requests in queue such as analytics content performance tuning, filtering, search refinement, and parsing issues

Employment Type:
Fulltime

Senior Distributed Systems Engineer - Platform Engineering

For our Platform Engineering team, we are looking for programmers with strong in...
Location:
Poland

Salary:
Not provided

RTB House

Expiration Date:
Until further notice

Requirements:
  • Excellent understanding of how complex IT systems work - from the hardware level, through software, to algorithms
  • Ability to proactively define requirements, ask appropriate questions and draw conclusions that will combine technical constraints and business needs
  • Ability to lead the design and implementation of a solution
  • Experience in leading project teams
  • Willingness to be involved in topics that go beyond programming and design, such as responsibility for technical areas or communication with other teams
  • Proactive attitude, independence in taking action
  • Extensive experience in programming and readiness to implement key system elements as well as involvement in code reviews
  • Good knowledge of methods of creating concurrent programs and distributed systems
  • Ability to critically analyze created solutions in terms of performance (from estimating the theoretical performance of designed systems to detecting and removing actual performance problems in production)
  • C1 level in English and Polish
Job Responsibility:
  • Plan and then hands-on lead further development within a given technical area like deployment, monitoring, databases or load balancing, in the context of existing infrastructure within RTB House
  • Coordinate the work of a project team of 3-4 people, also making arrangements with other teams and units within RTB House
  • Ensure the reliability and scalability of the solutions built
What we offer:
  • Attractive compensation
  • Work in a team of enthusiasts who are willing to share their knowledge and experience
  • Flexible cooperation conditions - we do not have core hours, we do not have holiday limits
  • Access to the latest technologies and the possibility of real use of them in a large-scale and highly dynamic project

Senior Engineering Manager - Risk

Our mission is to build the intelligent, automated systems and operational tools...
Location:
United States; Canada, San Francisco; New York; Portland

Salary:
239000.00 - 298800.00 USD / Year

Mercury

Expiration Date:
Until further notice

Requirements:
  • 9+ years of software development experience
  • 3–5+ years of engineering management in a high-scale tech environment
  • AI/ML expertise—you’ve built and launched applied AI products (from LLMs to traditional ML models), shipping them from 0→1 and scaling 1→10 in production environments
  • Proven success building large-scale backend distributed systems, ideally involving integrations and decision automation
  • Experience with or curiosity about KYC, AML, risk, or compliance systems in financial services or fintech
  • A track record of raising the bar for quality and reliability, balancing shipping speed with technical excellence
  • Strong communication and leadership skills—you can inspire engineers, partner across functions, and adapt your management style to the moment
  • The ability to hire, retain, and develop exceptional technical talent
  • A pragmatic builder’s mindset: you believe beautiful systems are those that work, adapt, and last
Job Responsibility:
  • Lead teams (4–8 engineers each) responsible for account onboarding, KYC/KYB, AML, and fraud detection decisioning and workflows, and operational tooling
  • Apply AI/ML—from traditional models to large language models—to unlock faster, real-time bank account application approvals. This work sits on the critical business path, directly driving efficiency and revenue growth
  • Partner with Product, Risk, and Data teams to design and deliver scalable systems that balance user experience with compliance rigor
  • Shape the next generation of our KYC and risk platforms—reliable, resilient, and easy to extend as regulations and business needs evolve
  • Create a strong culture of operational excellence, with measurable improvements to uptime, accuracy, and system quality
  • Build, mentor, and grow engineering talent
  • help managers and senior engineers level up technically and organizationally
  • Drive clarity amid complexity: translating between regulatory nuance and technical execution
  • Foster collaboration across teams to align on priorities, simplify interfaces, and make the whole system more maintainable and elegant
What we offer:
  • base salary
  • equity
  • benefits

Employment Type:
Fulltime

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk

Salary:
256000.00 - 342000.00 PLN / Year

Atlassian

Expiration Date:
Until further notice

Requirements:
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility:
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer:
  • health and wellbeing resources
  • paid volunteer days

Employment Type:
Fulltime

Senior Systems Engineer

AnaVation is seeking a highly skilled Senior Systems Engineer to join our Cross ...
Location:
United States, Vienna

Salary:
Not provided

AnaVation

Expiration Date:
Until further notice

Requirements:
  • Bachelor’s degree in Engineering, Computer Science, or related technical discipline
  • 7–9 years of documented experience in Information Systems Engineering
  • Hardware and network designs for large-scale enterprise applications
  • Implementing and maintaining security best practices, creating and maintaining documentation for architecture, configuration and processes
  • Experience establishing and maintaining monitoring and alerting systems for cloud and on premise resources
  • Optimizing on premise and cloud infrastructure for cost efficiency and performance
  • Troubleshooting and resolving issues related to performance and availability
  • Documented and demonstrated experience with troubleshooting and problem solving
  • Experience with software development
  • Experience scripting and programming for automation
Job Responsibility:
  • Architect, develop and support a highly available resource for mission-critical programs composed of numerous AWS services and on-premises servers across multiple locations
  • Automation and Cloud Integration: Automate the creation and management of AWS resources using AWS CloudFormation, AWS Lambda, GitLab, BASH, and Python scripting
  • Infrastructure Lifecycle Automation: Design and implement an automated, hands-free monthly server rebuild and switchover process leveraging CloudFormation, Lambda, and EventBridge
  • Linux Automation and Monitoring: Develop and maintain a comprehensive system of scripts and processes to automate configuration, maintenance, and monitoring of UNIX systems
  • Maintain network hardware and server infrastructure, including analysis, configuration, installation, and testing of new hardware and software
  • Support daily network operations, evaluating utilization, monitoring response times, and detecting and resolving operational problems
  • Troubleshoot issues at both the physical and logical levels of the network, using diagnostic tools and communication protocol analysis
  • Participate in planning, design, technical reviews, and implementation of network and infrastructure projects supporting voice and data communications
  • Maintain and enhance network infrastructure standards, including TCP/IP communication protocols, and ensure adherence to industry and security best practices
  • Exhibit proficiency with virtualization technologies (VMware, AWS, etc.) and network administration, ensuring high system availability and scalability
What we offer:
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance

Employment Type:
Fulltime

Senior Security Engineer

The Senior Security Engineer will provide hands-on technical leadership within t...
Location:
United Kingdom, Leeds; Thame

Salary:
65000.00 - 75000.00 GBP / Year

PEXA UK

Expiration Date:
Until further notice

Requirements:
  • Proactive, can-do attitude to get things done quickly and efficiently
  • Strong collaboration and communication skills
  • Willingness to contribute ideas to the security programme
  • Demonstrable first-hand experience in achieving organisational adherence to security best practices
  • Experience in the practical protection of a remote working laptop estate and SaaS cloud solutions
  • Experience in identity and access management solutions
  • Experience in device business automation and updates
  • Experience in the security aspects of cloud web application hosting and defence measures like WAF
Job Responsibility:
  • Maintenance and Operational Security: Ensure all security solutions remain operationally effective
  • Ensure technical teams patch applications, systems, software, and hardware in a timely manner
  • Maintain and audit secure configurations for devices, applications, and cloud environments
  • Access Control and Identity Management: Conduct regular user and privileged account reviews
  • Manage and monitor Privileged Identity Management (PIM) profiles and elevated access accounts
  • Coordinate with IT and HR for onboarding/offboarding
  • Tool, Infrastructure, and Encryption Management: Maintain and optimise security infrastructure and tools
  • Oversee encryption key and certificate management
  • Work with vendors and internal teams to ensure tools remain current
  • VPN, Network & Firewall Security: Design, configure, and maintain secure VPN and Zero-Trust network solutions
What we offer:
  • Your growth: We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools
  • Your wellness: We care about your holistic wellbeing
  • Your work/life blend: We want to help you create your ideal work/life blend

Employment Type:
Fulltime