CrawlJobs Logo

Senior Detection & Response Engineer

United States of America, Playa Vista 101000.00 - 186754.00 USD / Year · Job Posted April 10, 2026
Apply Position
Job Link Share

Job Description

Activision is seeking a Senior Detection and Response Engineer to help protect our players, studios, platforms, and enterprise environments from advanced cyber threats. As part of our Global Security Operations organization, this role is responsible for actively identifying, investigating, and responding to security threats. This role is highly hands-on and focuses on real-world attacker behavior, rapid analysis, and effective containment.

Job Responsibility

  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity
  • Perform alert triage, in‑depth investigation, and forensic analysis across the full incident lifecycle
  • Execute endpoint, identity, cloud, and malware investigations
  • Develop, refine, and tune threat detections within the SIEM
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics
  • Collaborate closely with engineering teams, business stakeholders, and vendors
  • Participate in an on‑call rotation and provide off‑hours support
  • Communicate investigation findings clearly and effectively
  • Some travel might be required

Requirements

  • Bachelor’s degree in computer science, Information Security, or equivalent practical experience
  • 5+ years of progressively accountable experience
  • Hands‑on experience in threat detection, security operations, and incident response
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments
  • Experience performing detailed log analysis, correlation, and investigative triage
  • Strong written and verbal communication skills
  • Ability to work independently and collaboratively
  • Willingness to participate in an on‑call rotation and provide off‑hours support
  • Fluency in English

Nice to have

  • 8+ years of relevant IT and security experience
  • Experience working with security monitoring platforms such as SIEM, EDR
  • Strong host‑ and network‑based forensic skills
  • Hands‑on malware analysis experience using static and dynamic techniques
  • Scripting or programming experience (e.g., Python, PowerShell, KQL)
  • Experience implementing or operating SOAR platforms and security automation
  • Experience using AI/ML‑driven analytics for alert enrichment, anomaly detection, or automated investigations
  • Understanding foundational security best practices
  • Ability to assess incidents quickly, recommend effective response actions, and mitigate risk
  • Experience interfacing effectively with leadership, engineering teams, and external vendors
  • Demonstrated engagement with the cybersecurity community or strong evidence of self‑driven learning

What we offer

  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
  • 401(k) with Company match, tuition reimbursement, charitable donation matching
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
  • Relocation assistance if required to move

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Detection & Response Engineer

8 matching positions

Senior Detection and Response Engineer

We are looking for a Senior Detection and Response Engineer to help protect the ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
activision.com Logo
Activision
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in computer science or related field or equivalent experience
  • Extensive experience in security operations, threat detection engineering or incident response
  • Experience using AI/ML techniques in security operations (alert enrichment, behavioral analytics, anomaly detection, automated investigations)
  • Strong understanding of the modern threat landscape, common tactics and attacker techniques
  • Experience working with security monitoring platforms (SIEM, EDR or similar)
  • Scripting or programming skills (Python, PowerShell or similar) to automate security workflows
  • Strong written and verbal communication skills, and an ability to collaborate across teams
  • Fluent in English
  • Experience implementing or operating SOAR platforms
  • Must be willing to participate in the on-call rotation
Job Responsibility
Job Responsibility
  • Detect, investigate and respond to security incidents across cloud, corporate and production environments
  • Design and improve detection capabilities and incident response workflows
  • Develop automation through SOAR platforms and scripting
  • Enhance alert triage and investigations using AI/ML-driven security analytics
  • Collaborate with engineering teams to improve security visibility and response capabilities
  • Share knowledge through internal documentation, playbooks and team collaboration
  • Participate in an on-call rotation for incident response
Read More
Arrow Right

Senior Detection and Response Engineer

The Senior Detection and Response Engineer is a critical technical role responsi...
Location
Location
United States
Salary
Salary:
128000.00 - 161000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences
Job Responsibility
Job Responsibility
  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM , EDR, and Cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
What we offer
What we offer
  • performance-based bonus
  • equity
  • a generous benefits program
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Detection and Response

As a Senior Security Engineer on the Detection & Response team, you will play a ...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives
What we offer
What we offer
  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

As our next Senior Detection Engineer, you won’t just be monitoring dashboards—y...
Location
Location
United States , Chicago
Salary
Salary:
126000.00 - 154000.00 USD / Year
activecampaign.com Logo
ActiveCampaign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in detection engineering, incident response, or security operations within high-growth technology environments
  • Advanced programming proficiency in Python, with a proven ability to build production-quality security automations and custom integrations from scratch
  • Deep expertise in Cloud Security (AWS), including a comprehensive understanding of IAM, VPC, CloudTrail, and Lambda attack vectors
  • Mastery of detection logic in at least two major languages, such as YARA-L, Sigma, KQL, or SPL
  • A track record of building SOAR workflows or equivalent automation platforms that measurably reduce operational overhead at scale
  • Exceptional communication skills, with the ability to distill complex security risks into actionable insights and influence technical decisions across the organization
  • Experience using AI/LLMs as a strategic tool for threat analysis, investigation automation, and increasing the velocity of security work
  • A self-directed, engineering-first mindset, ideally with a background in SRE, DevOps, or platform engineering and a history of contributing to open-source security projects
Job Responsibility
Job Responsibility
  • Design and deploy sophisticated detection logic across our entire technology stack using detection-as-code principles like YARA-L, Sigma, and KQL
  • Build automated response workflows that independently enrich, triage, and remediate security alerts, effectively eliminating manual toil through advanced SOAR principles
  • Investigate complex security signals—such as novel attack patterns or phishing campaigns—that require deep human judgment and strategic intuition
  • Collaborate cross-functionally with DevOps and Security Engineering teams to adapt detection logic to infrastructure changes before security blind spots can emerge
  • Leverage AI and LLMs as force multipliers to accelerate threat hunting, generate new detection hypotheses, and automate repetitive investigative tasks
  • Lead post-incident reviews with engineering partners, transforming security findings into preventative architectural changes that harden our long-term defense
  • Prototype and test emerging detection capabilities and data sources, ensuring we stay ahead of the threat landscape while participating in an on-call rotation to defend our most critical systems
What we offer
What we offer
  • Comprehensive Health & Wellness: Top-tier benefits package that includes a fully-covered High Deductible Health Plan (HDHP), complimentary access to telehealth services, and a free subscription to Calm
  • Growth & Development: Access to LinkedIn Learning, professional development programs, and career growth opportunities in a fast-growing organization
  • Generous Paid Time Off: Recharge and take the time you need to maintain work-life balance with open PTO
  • Total Rewards: Generous 401(k) matching with immediate vesting, quarterly perks with commuter and lunch benefits for hub based employees or a stipend for remote workers, and a four-week paid sabbatical with bonus after five years
  • Collaborative Culture: Work alongside brilliant, passionate colleagues in an environment that values innovation, teamwork, and mutual support
  • Fulltime
Read More
Arrow Right

Senior Cyber Detection Engineer (SIEM)

Zachary Piper Solutions is seeking a Senior Cyber Detection Engineer (SIEM) to s...
Location
Location
United States , Springfield
Salary
Salary:
135000.00 - 150000.00 USD / Year
pipercompanies.com Logo
Piper Companies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI CI Polygraph required
  • Bachelor’s degree from an accredited college in a related discipline and 5+ years of prior relevant experience
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required
  • Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms
  • Experienced with enterprise-grade security tools, such as Security Information and Event Management (SIEM) systems specifically Splunk, Threat Intelligence Platforms (TIPs), and network monitoring solutions
  • Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules
  • Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience
Job Responsibility
Job Responsibility
  • Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems
  • Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk
  • Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS/IPS signatures to counter specific threats
  • Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats
  • Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs
  • Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies
  • Analyze network traffic and system data to detect anomalies and potential security threats
  • Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations
  • Create and implement detection rules
What we offer
What we offer
  • Full Benefits: PTO
  • 11 Paid Holidays
  • Cigna Medical, Dental, and Vision
  • 401k with ADP
  • Certification reimbursement
  • Contract mobility and job stability – Contract through 2026
  • Fulltime
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Senior Security Incident Response Engineer

We are a global team of innovators and pioneers dedicated to shaping the future ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
newrelic.com Logo
New Relic
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Willingness to work in rotational shifts including Morning, Evening and Night shifts
  • Willingness to work in weekend shifts and support on call
  • At least five years of recent experience working in a threat hunting, threat intelligence, incident response, or security engineering role
  • Experience configuring security incident and event management tools, including creating event filtering, correlation rules, and reports
  • Strong understanding of the MITRE ATT&CK Framework
  • Experience performing risk assessment, threat tracking, or vulnerability management and success in evaluating and communicating severity, impact, and likelihood of a risk to a wide audience
  • Familiarity with digital forensic tools and techniques for hands-on response during incidents
Job Responsibility
Job Responsibility
  • Support and maintain response strategy and tooling to severe incidents and key attack scenarios
  • Support the SoC alert life cycle: triage security risk, investigate alerts, develop runbooks, policies and procedures to help the company respond, and run retrospectives to coordinate effort across the company to prevent future incidents
  • Maintain healthy working relationships with our managed security service providers and respond to incident escalations
  • Maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling
  • Know the latest APT tactics and techniques and use engineering practices to detect and respond
  • Provide technical expertise to engineering teams on standard methodologies, tools and frameworks
  • Work with product managers, senior management, and end users to drive security maturity across the business
Read More
Arrow Right

Senior Security Detection and Monitoring Engineer

As a driven and proactive Senior Security Detection and Monitoring Engineer you ...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
adyen.com Logo
Adyen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in one or more of the following security domains: Intrusion Detection, Detection Engineering, Threat Detection, Incident Response
  • Proficient in two or more of the following areas: Operating System security (Linux/MacOS), Container Security, Network security, SaaS/IaaS Security
  • Solid and demonstrable experience with Python
  • Able to translate complex detection logic into advanced code
  • Builder at heart with the mindset to script, automate, and scope projects to avoid repetitive tasks
  • Believe that security requires a pragmatic and humane approach where communication is key
  • Have pioneered a solution in uncharted territory, setting a new standard for your team
Job Responsibility
Job Responsibility
  • Create scalable and actionable detection logic for emerging threats in Python
  • Develop new solutions to hunt, detect and deal with threats
  • Operate and expand our in-house built security event monitoring tool
  • Save your colleague’s time and brainpower through automation
  • Maintain up to date knowledge of tools, techniques, and procedures used by attackers
  • Bring and execute on state-of-the-art initiatives that help this domain be ahead of the market
  • Build and own security monitoring tooling in Adyen
  • Join the Security On Call group rotation
Read More
Arrow Right