CrawlJobs Logo

Senior Security Engineer – Threat Detection & Response

sigmacomputing.com Logo

Sigma Computing

Location Icon

Location:
United States , New York City

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

210000.00 - 240000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Sigma is seeking a Senior Security Engineer- Detection & Response (Threat-Informed Defense) to join our Security Engineering team.You will act as the technical SME for threat Intelligence, detection and response, partnering across Security, Platform, Product, and Engineering to reduce risk and improve resilience at scale. You will bridge the gap between Cyber Threat Intelligence (CTI) and actionable defense, shaping our security architecture to withstand modern adversary tactics before they manifest in our environment. In this role you will not just administer the platforms. You'll write production-grade code, engineer scalable detections, automate response, and develop proactive threat controls using deep knowledge of cloud, identity, application, and data attack paths.

Job Responsibility:

  • Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy, mapping organizational risks to specific threat actor TTPs (Tactics, Techniques, and Procedures)
  • Cross-Functional Leadership: Act as a Subject Matter Expert to Infrastructure, Engineering, and security teams. Guide these partners in implementing proactive security controls, ensuring that security is 'baked in' to the development lifecycle and corporate infrastructure
  • Proactive Threat Modeling: Lead and build collaborative threat modeling sessions for new products and infrastructure, helping cloud platform, Engineering and IT identify and neutralize architectural weaknesses before deployment
  • Continuous Detection Engineering: Build, tune, and constantly update a library of high-fidelity detections. You will ensure our alerting logic evolves in lockstep with new exploitation techniques and industry benchmarks
  • Industry Alignment: Monitor the evolving security landscape (e.g., CISA advisories, new MITRE techniques) to ensure Sigma remains at the forefront of industry-standard security controls
  • Resilience Testing & Training: Design and lead cross-functional Incident Response simulations and tabletop exercises. Use these sessions to educate non-security teams on their roles during a crisis and to identify gaps in our defense-in-depth strategy
  • Advanced Incident Management: Lead the full lifecycle of high-severity security incidents, acting as the primary SME for containment and eradication while managing communication with executive leadership
  • Automation & Orchestration: Architect SOAR workflows to ensure common adversary techniques are met with immediate, automated remediation, reducing the manual burden on IT and Ops

Requirements:

  • Minimum 7+ years in security with at least 5+ years deeply focused on detection engineering, incident response, or threat hunting in cloud-native environments and a track record of working in fast paced SaaS environments,moving organizations from reactive IR to threat-informed defense
  • Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field
  • Hands-on proficiency in securing AWS/GCP/Azure + modern Identity Stack, including experience with Kubernetes security and Terraform/IaC
  • Strong coding ability to build automations, security pipeline, detection as code etc
  • Deep understanding of cloud IAM attack paths, token/session abuse, API threats, and data exfiltration patterns, CI/CD for detections
  • Experience designing and operating telemetry pipelines (normalization, correlation, data quality, schema strategy)
  • Strong incident response leadership for high-severity events in production environments
  • Deep familiarity with threat intelligence frameworks (MITRE ATT&CK) and the ability to convert raw intel into actionable detection/prevention strategies
  • Proven experience running incident response tests, breach and attack simulations (BAS), or red/blue team exercises
  • Deep expertise in security tooling across SIEM, EDR, CNAPP, WAF, CASB, and Data Security platforms and judgment to know when to buy vs build
  • The ability to translate complex technical threats into clear, actionable guidance for both technical peers and executive leadership

Nice to have:

  • Relevant certifications (nice-to-have): GCIA, GCIH, GCTI, CISSP, CCSP
  • Contributions to open-source security projects or published research (nice-to have)
What we offer:
  • Equity
  • Generous health benefits
  • Flexible time off policy. Take the time off you need!
  • Paid bonding time for all new parents
  • Traditional and Roth 401k
  • Commuter and FSA benefits
  • Lunch Program
  • Dog friendly office

Additional Information:

Job Posted:
February 20, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Sigma Computing - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Security Engineer – Threat Detection & Response

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Senior Product Manager – Threat Detection

As a Product Manager – Threat Detection, you will be responsible for driving the...
Location
Location
United States
Salary
Salary:
182000.00 - 219000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience
Job Responsibility
Job Responsibility
  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
What we offer
What we offer
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base
  • Fulltime
Read More
Arrow Right

Senior Threat Detection Engineer

We’re expanding our Threat Detection Engineering team at Atlassian and looking f...
Location
Location
United States , San Francisco
Salary
Salary:
146300.00 - 235000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Detection Engineering roles
  • Experience building advanced data analytics and ML based detection models to identify complex threats
  • Experience building effective detection capabilities to modern cloud environments
  • Experience using common programming languages to build automation
  • Experience identifying threats through proactive threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience successfully delivering complex projects
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility
Job Responsibility
  • Develop advanced threat detection mechanisms using complex data analytics and machine learning models that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the Atlassian’s systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Deploy new detection technologies to continuously uplift and improve our detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence is to establish and maintain meaningful security alerts
  • Work closely with these teams to ensure security alerts are relevant, actionable, and aligned with the overall security strategy
  • Collaborate closely with Product Engineering, Data Platform, and Security Engineering teams to advance our detection coverage and tooling in our production cloud environments
  • Automate complex security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
256000.00 - 342000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-fo...
Location
Location
Canada , Toronto
Salary
Salary:
137000.00 - 207000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS
  • Familiarity with cloud-native product technologies including: Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)
  • CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)
  • Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)
  • Security Incident Response & Risk Management processes and tools
  • Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework
  • Have exceptional written, oral communication, and interpersonal skills
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines
Job Responsibility
Job Responsibility
  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections
  • Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks
  • Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks
  • Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership
  • Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption
  • Establish and uphold baseline standards and hardened configurations for platform components
  • Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

The Senior Security Engineer will provide hands-on technical leadership within t...
Location
Location
United Kingdom , Leeds; Thame
Salary
Salary:
65000.00 - 75000.00 GBP / Year
pexa.co.uk Logo
PEXA UK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proactive, can-do attitude to get things done quickly and efficiently
  • Strong collaboration and communication skills
  • Willingness to contribute ideas to the security programme
  • Demonstratable first-hand experience in achieving organisational adherence to security best practices
  • Experience in the practical protection of a remote working laptop estate and SaaS cloud solutions
  • Experience in identity and access management solutions
  • Experience in device business automation and updates
  • Experience in the security aspects of cloud web application hosting and defence measures like WAF
Job Responsibility
Job Responsibility
  • Maintenance and Operational Security: Ensure all security solutions remain operationally effective
  • Ensure technical teams timely patch applications, systems, software, and hardware
  • Maintain and audit secure configurations for devices, applications, and cloud environments
  • Access Control and Identity Management: Conduct regular user and privileged account reviews
  • Manage and monitor Privileged Identity Management (PIM) profiles and elevated access accounts
  • Coordinate with IT and HR for onboarding/offboarding
  • Tool, Infrastructure, and Encryption Management: Maintain and optimise security infrastructure and tools
  • Oversee encryption key and certificate management
  • Work with vendors and internal teams to ensure tools remain current
  • VPN, Network & Firewall Security: Design, configure, and maintain secure VPN and Zero-Trust network solutions
What we offer
What we offer
  • Your growth: We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools
  • Your wellness: We care about your holistic wellbeing
  • Your work/life blend: We want to help you create your ideal work/life blend
  • Fulltime
Read More
Arrow Right

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location
Location
Canada , Vancouver; Calgary; Toronto
Salary
Salary:
146200.00 - 197800.00 CAD / Year
clio.com Logo
Clio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy