CrawlJobs Logo

Senior Security Engineer, Detection and Response

United States; Canada 156000.00 - 210000.00 USD; CAD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a Senior Security Engineer on the Detection & Response team, you will play a key role in detecting, investigating, and responding to security threats across 1Password. You will help mature detection capabilities, respond to complex security incidents, and improve the systems and processes that enable effective security operations. This is a high-impact role with meaningful ownership and the opportunity to shape how detection and response scale together.

Job Responsibility

  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives

Requirements

  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences

What we offer

  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Security Engineer, Detection and Response

8 matching positions

Senior Detection and Response Engineer

We are looking for a Senior Detection and Response Engineer to help protect the ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
activision.com Logo
Activision
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in computer science or related field or equivalent experience
  • Extensive experience in security operations, threat detection engineering or incident response
  • Experience using AI/ML techniques in security operations (alert enrichment, behavioral analytics, anomaly detection, automated investigations)
  • Strong understanding of the modern threat landscape, common tactics and attacker techniques
  • Experience working with security monitoring platforms (SIEM, EDR or similar)
  • Scripting or programming skills (Python, PowerShell or similar) to automate security workflows
  • Strong written and verbal communication skills, and an ability to collaborate across teams
  • Fluent in English
  • Experience implementing or operating SOAR platforms
  • Must be willing to participate in the on-call rotation
Job Responsibility
Job Responsibility
  • Detect, investigate and respond to security incidents across cloud, corporate and production environments
  • Design and improve detection capabilities and incident response workflows
  • Develop automation through SOAR platforms and scripting
  • Enhance alert triage and investigations using AI/ML-driven security analytics
  • Collaborate with engineering teams to improve security visibility and response capabilities
  • Share knowledge through internal documentation, playbooks and team collaboration
  • Participate in an on-call rotation for incident response
Read More
Arrow Right

Senior Detection and Response Engineer

The Senior Detection and Response Engineer is a critical technical role responsi...
Location
Location
United States
Salary
Salary:
128000.00 - 161000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences
Job Responsibility
Job Responsibility
  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM , EDR, and Cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
What we offer
What we offer
  • performance-based bonus
  • equity
  • a generous benefits program
  • Fulltime
Read More
Arrow Right

Senior Security Detection and Monitoring Engineer

As a driven and proactive Senior Security Detection and Monitoring Engineer you ...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
adyen.com Logo
Adyen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in one or more of the following security domains: Intrusion Detection, Detection Engineering, Threat Detection, Incident Response
  • Proficient in two or more of the following areas: Operating System security (Linux/MacOS), Container Security, Network security, SaaS/IaaS Security
  • Solid and demonstrable experience with Python
  • Able to translate complex detection logic into advanced code
  • Builder at heart with the mindset to script, automate, and scope projects to avoid repetitive tasks
  • Believe that security requires a pragmatic and humane approach where communication is key
  • Have pioneered a solution in uncharted territory, setting a new standard for your team
Job Responsibility
Job Responsibility
  • Create scalable and actionable detection logic for emerging threats in Python
  • Develop new solutions to hunt, detect and deal with threats
  • Operate and expand our in-house built security event monitoring tool
  • Save your colleague’s time and brainpower through automation
  • Maintain up to date knowledge of tools, techniques, and procedures used by attackers
  • Bring and execute on state-of-the-art initiatives that help this domain be ahead of the market
  • Build and own security monitoring tooling in Adyen
  • Join the Security On Call group rotation
Read More
Arrow Right

Senior Security Detection and Monitoring Engineer

As a driven and proactive Senior Security Detection and Monitoring Engineer you ...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
adyen.com Logo
Adyen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in one or more of the following security domains: Intrusion Detection, Detection Engineering, Threat Detection, Incident Response
  • Proficient in two or more of the following areas: Operating System security (Linux/MacOS), Container Security, Network security, SaaS/IaaS Security
  • Solid and demonstrable experience with Python, able to translate complex detection logic into advanced code
  • Advanced Python development skills
  • Builder at heart with the mindset to script, automate, and scope projects
  • Belief that security requires a pragmatic and humane approach where communication is key
  • Have pioneered a solution in uncharted territory, setting a new standard for your team
Job Responsibility
Job Responsibility
  • Create scalable and actionable detection logic for emerging threats in Python
  • Develop new solutions to hunt, detect and deal with threats
  • Operate and expand our in-house built security event monitoring tool
  • Save your colleague’s time and brainpower through automation
  • Maintain up to date knowledge of tools, techniques, and procedures used by attackers
  • Bring and execute on state-of-the-art initiatives that help this domain be ahead of the market
  • Build and own security monitoring tooling in Adyen
  • Join the Security On Call group rotation
Read More
Arrow Right

Senior Security Detection and Monitoring Engineer

As a driven and proactive Senior Security Detection and Monitoring Engineer you ...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
adyen.com Logo
Adyen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in one or more of the following security domains: Intrusion Detection, Detection Engineering, Threat Detection, Incident Response
  • Proficient in two or more of the following areas: Operating System security (Linux/MacOS), Container Security, Network security, SaaS/IaaS Security
  • Understand security detection and monitoring without being limited to specific SIEM tools or vendors
  • Solid and demonstrable experience with Python, and are able to translate complex detection logic into advanced code with ease
  • Builder at heart, and have the mindset to script, automate, and scope projects to avoid repetitive tasks
  • Believe that the security of systems, people and processes requires a pragmatic and humane approach where communication is key
  • Have pioneered a solution in uncharted territory, setting a new standard for your team
Job Responsibility
Job Responsibility
  • Create scalable and actionable detection logic for emerging threats in Python
  • Develop new solutions to hunt, detect and deal with threats
  • Operate and expand our in-house built security event monitoring tool
  • Save your colleague’s time and brainpower through automation
  • Maintain up to date knowledge of tools, techniques, and procedures used by attackers
  • Bring and execute on state-of-the-art initiatives that help this domain be ahead of the market
  • Build and own security monitoring tooling in Adyen
  • Join the Security On Call group rotation
Read More
Arrow Right

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • U.S. citizenship verification
Job Responsibility
Job Responsibility
  • Coordinate with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conduct hands-on mitigation where possible
  • engages service owners when there is a risk of a production outage
  • Maintain hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Brief executive stakeholders on eviction plans and associated status
  • Maintain and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform
  • operationalize as they are delivered
  • Drive strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participate in an on-call rotation
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Coordinates with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conducts hands-on mitigation where possible
  • engages service owners when there is a risk of a production outage
  • Maintains hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Briefs executive stakeholders on eviction plans and associated status
  • Maintains and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform
  • operationalize as they are delivered
  • Drives strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participates in an on-call rotation
  • Fulltime
Read More
Arrow Right

Senior Detection & Response Engineer

Activision is seeking a Senior Detection and Response Engineer to help protect o...
Location
Location
United States of America , Playa Vista
Salary
Salary:
101000.00 - 186754.00 USD / Year
activision.com Logo
Activision
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, Information Security, or equivalent practical experience
  • 5+ years of progressively accountable experience
  • Hands‑on experience in threat detection, security operations, and incident response
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments
  • Experience performing detailed log analysis, correlation, and investigative triage
  • Strong written and verbal communication skills
  • Ability to work independently and collaboratively
  • Willingness to participate in an on‑call rotation and provide off‑hours support
  • Fluency in English
Job Responsibility
Job Responsibility
  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity
  • Perform alert triage, in‑depth investigation, and forensic analysis across the full incident lifecycle
  • Execute endpoint, identity, cloud, and malware investigations
  • Develop, refine, and tune threat detections within the SIEM
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics
  • Collaborate closely with engineering teams, business stakeholders, and vendors
  • Participate in an on‑call rotation and provide off‑hours support
  • Communicate investigation findings clearly and effectively
What we offer
What we offer
  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
  • 401(k) with Company match, tuition reimbursement, charitable donation matching
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
  • Relocation assistance if required to move
  • Fulltime
Read More
Arrow Right