Senior Security Engineer, Detection and Response

United States; Canada · 156000.00 - 210000.00 USD; CAD / Year · Job Posted February 21, 2026

Job Description

As a Senior Security Engineer on the Detection & Response team, you will play a key role in detecting, investigating, and responding to security threats across 1Password. You will help mature detection capabilities, respond to complex security incidents, and improve the systems and processes that enable effective security operations. This is a high-impact role with meaningful ownership and the opportunity to shape how detection and response scale together.

Job Responsibility

  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives

Requirements

  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences

What we offer

  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment

Similar Jobs for Senior Security Engineer, Detection and Response

8 matching positions

Senior Security Engineer

The Senior Security Engineer will provide hands-on technical leadership within t...
Location: United Kingdom, Leeds; Thame
Salary: 65000.00 - 75000.00 GBP / Year
PEXA UK
Expiration Date: Until further notice
Requirements
  • Proactive, can-do attitude to get things done quickly and efficiently
  • Strong collaboration and communication skills
  • Willingness to contribute ideas to the security programme
  • Demonstrable first-hand experience in achieving organisational adherence to security best practices
  • Experience in the practical protection of a remote working laptop estate and SaaS cloud solutions
  • Experience in identity and access management solutions
  • Experience in device business automation and updates
  • Experience in the security aspects of cloud web application hosting and defence measures like WAF
Job Responsibility
  • Maintenance and Operational Security: Ensure all security solutions remain operationally effective
  • Ensure technical teams timely patch applications, systems, software, and hardware
  • Maintain and audit secure configurations for devices, applications, and cloud environments
  • Access Control and Identity Management: Conduct regular user and privileged account reviews
  • Manage and monitor Privileged Identity Management (PIM) profiles and elevated access accounts
  • Coordinate with IT and HR for onboarding/offboarding
  • Tool, Infrastructure, and Encryption Management: Maintain and optimise security infrastructure and tools
  • Oversee encryption key and certificate management
  • Work with vendors and internal teams to ensure tools remain current
  • VPN, Network & Firewall Security: Design, configure, and maintain secure VPN and Zero-Trust network solutions
What we offer
  • Your growth: We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools
  • Your wellness: We care about your holistic wellbeing
  • Your work/life blend: We want to help you create your ideal work/life blend
  • Fulltime

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location: Canada, Vancouver; Calgary; Toronto
Salary: 146200.00 - 197800.00 CAD / Year
Clio
Expiration Date: Until further notice
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location: India, Bangalore
Salary: Not provided
Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location: United States, Scottsdale
Salary: Not provided
Axon
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault; PKI solutions such as EJBCA, Smallstep, Venafi; or vaulting solutions such as Hashicorp Vault
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM (Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime

Senior Information Security Engineer

This role is your opportunity to lead the charge in maturing e2Open’s security p...
Location: India, Bangalore
Salary: Not provided
Blume Global
Expiration Date: Until further notice
Requirements
  • A proven track record in SIEM operations, vulnerability management, and incident response
  • Hands-on experience configuring and running security tools
  • Strong automation skills (e.g., scripting, orchestration)
  • The ability to lead through influence, guiding teams to adopt better practices
  • Experience navigating the challenges of complex, fast-changing environments (M&A exposure a plus)
  • Formal qualifications (CISSP, CISM, or equivalent) are valued
Job Responsibility
  • Configure, tune, and operate SIEM platforms to improve detection, response, and visibility
  • Lead vulnerability scanning and remediation
  • Take point in managing security incidents — from detection through investigation and resolution
  • Run and maintain key security tools
  • Drive automation-first approaches
  • Collaborate with engineering and IT teams to embed security into operations and culture
  • Help shape the roadmap for security maturity within e2Open

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location: India, Hyderabad
Salary: Not provided
Highspot
Expiration Date: Until further notice
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings, strategic decisions, and procedural enhancements in a clear and accessible manner; significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime

Senior Defensive Security Engineer – Embedded Systems

Silvus is seeking a Senior Defensive Security Engineer – Embedded Systems who wi...
Location: United States, Los Angeles
Salary: 140000.00 - 200000.00 USD / Year
Silvus Technologies (International)
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (e.g., Mathematics, Computer Engineering)
  • Minimum 5 years in cybersecurity, with at least 2 years in defensive security roles focused on Linux-based systems
  • Expertise in Linux network security, secure coding, or embedded systems security
  • Coding/scripting in C/C++, Python, Bash, or assembly for Linux environments
  • Familiarity with Linux security tools like Auditd, Lynis, or vulnerability scanners
  • Security Clearance: Active U.S. Government SECRET clearance or the ability to obtain one within 12 months of hire
  • Must be a U.S. Person (U.S. Citizen, or U.S. Permanent Resident) due to clients under U.S. federal contracts
Job Responsibility
  • Design and implement Linux-based security architectures for embedded systems, focusing on secure boot, and kernel hardening
  • Develop and enforce Linux security features, including iptables, netfilter, and auditd for intrusion detection and prevention
  • Conduct security assessments and audits of Linux-based embedded systems to identify and mitigate vulnerabilities
  • Integrate Linux security best practices into the development lifecycle (DevSecOps), emphasizing secure coding and configuration management
  • Manage vulnerabilities in Linux-based embedded systems, including timely patching and kernel updates
  • Train teams on Linux security practices, including privilege management, file system permissions, and container security
  • Participate in incident response planning and execution for Linux-based embedded systems
  • Implement Linux-native encryption and authentication mechanisms (e.g., dm-crypt, OpenSSL, PAM) for secure communications
  • Fulltime