Staff Detection and Response Engineer

AlphaSense

Location: India

Contract Type: Not provided

Salary: Not provided

Job Description:

The Staff Detection and Response Engineer is a critical technical role responsible for driving the organization's defensive security capabilities across detection engineering, security orchestration, automation, and response (SOAR), and co-leading the organization's threat hunting program. This role is crucial for integrating new threat intelligence into high-fidelity detections and automating incident response processes to maximize team efficiency and response speed.

Job Responsibility:

  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM, EDR, and cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
  • Develop automated containment actions (account disable, host isolation, firewall rule updates)
  • Measure and report automation ROI, tracking metrics like time saved and incident handling efficiency
  • Handle Incident Response processes and procedures as needed
  • Co-lead the organization's threat hunting program with the SOC Manager, defining strategy, methodology, and campaign planning
  • Execute proactive threat hunting campaigns by conducting hunt queries across SIEM and EDR platforms
  • Analyze large datasets to identify anomalous behavior patterns including user behavior, process execution, network traffic, and cloud activity
  • Develop hunting automation and tooling using custom Python scripts, Jupyter Notebooks, Osquery, and Velociraptor
  • Collaborate with threat intelligence sources to incorporate latest TTPs into hunting campaigns
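The responsibilities above name the three building blocks of this role: rules written in a Sigma-like shape and mapped to MITRE ATT&CK, gap analysis against that mapping, and automated containment. The Python below is an added example, not AlphaSense's code or any vendor's tooling. It evaluates two constructed Sigma-style rules over constructed Sysmon-style process-creation events, reports ATT&CK techniques that no rule covers, and turns a high-severity hit into SOAR-style actions while refusing to auto-isolate protected hosts or disable built-in system accounts. Rule titles, event fields, hostnames, users, the protected-host list and the action names are all assumptions made for the example.

```python
"""Detection-as-code sketch: Sigma-style rules, ATT&CK coverage gaps and a
SOAR-style containment decision, run over constructed process-creation events.
Rules, events, field names and action names are illustrative assumptions."""
import re

# Rules in a Sigma-like shape: named selection/filter maps, "Field|modifier"
# keys and a condition over the map names (constructed for this example).
RULES = [
    {"title": "LSASS dump via rundll32 comsvcs.dll MiniDump",
     "tags": ["attack.credential_access", "attack.t1003.001"], "level": "high",
     "detection": {
         "selection": {"Image|endswith": "\\rundll32.exe",
                       "CommandLine|contains|all": ["comsvcs", "MiniDump"]},
         "condition": "selection"}},
    {"title": "Encoded PowerShell command line",
     "tags": ["attack.execution", "attack.t1059.001", "attack.t1027"], "level": "medium",
     "detection": {
         "selection": {"Image|endswith": "\\powershell.exe",
                       "CommandLine|contains": ["-enc ", "-EncodedCommand"]},
         # The SCCM client legitimately runs encoded scripts; filter it out.
         "filter_sccm": {"ParentImage|endswith": "\\ccmexec.exe"},
         "condition": "selection and not filter_sccm"}},
]

# Constructed Sysmon-like events: 1 and 2 should fire, 3 is filtered, 4 is benign.
EVENTS = [
    {"EventID": 1, "Hostname": "ws-0142", "User": "CORP\\jdoe",
     "ParentImage": r"C:\Windows\System32\cmd.exe", "Image": r"C:\Windows\System32\rundll32.exe",
     "CommandLine": r"rundll32.exe C:\Windows\System32\comsvcs.dll, MiniDump 624 C:\temp\l.dmp full"},
    {"EventID": 2, "Hostname": "ws-0142", "User": "CORP\\jdoe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA"},
    {"EventID": 3, "Hostname": "dc01", "User": "NT AUTHORITY\\SYSTEM",
     "ParentImage": r"C:\Windows\CCM\CcmExec.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -EncodedCommand RwBlAHQALQBTAGUAcgB2AGkAYwBlAA=="},
    {"EventID": 4, "Hostname": "ws-0201", "User": "CORP\\asmith",
     "ParentImage": r"C:\Windows\explorer.exe", "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": "notepad.exe notes.txt"},
]

def _match_value(actual, expected, mods):
    """Sigma string matching is case-insensitive; honour the field modifier."""
    a, e = actual.lower(), expected.lower()
    if "contains" in mods:
        return e in a
    if "endswith" in mods:
        return a.endswith(e)
    return a.startswith(e) if "startswith" in mods else a == e

def _field_matches(event, key, expected):
    field, *mods = key.split("|")
    values = expected if isinstance(expected, list) else [expected]
    hits = [_match_value(str(event.get(field, "")), v, mods) for v in values]
    return all(hits) if "all" in mods else any(hits)  # list values are OR unless |all

def _eval_condition(cond, names):
    """Evaluate conditions of the form 'a and not b'. No 'or' or parentheses in
    this sketch; an unknown map name raises KeyError, which means a broken rule."""
    result = True
    for clause in cond.split(" and "):
        negate = clause.startswith("not ")
        value = names[clause.removeprefix("not ")] != negate
        result = result and value
    return result

def rule_matches(rule, event):
    det = rule["detection"]
    names = {k: all(_field_matches(event, f, v) for f, v in m.items())
             for k, m in det.items() if k != "condition"}
    return _eval_condition(det["condition"], names)

def run_detections(rules, events):
    """Return (rule title, EventID) for every rule/event pair that fires."""
    return [(r["title"], e["EventID"]) for e in events for r in rules if rule_matches(r, e)]

def coverage_gaps(rules, required):
    """Required ATT&CK technique IDs for which no rule carries a tag."""
    technique = re.compile(r"attack\.(t\d{4}(?:\.\d{3})?)$")
    covered = {m.group(1).upper() for r in rules for t in r["tags"] if (m := technique.match(t))}
    return {t.upper() for t in required} - covered

def plan_containment(rule, event, protected_hosts=frozenset()):
    """SOAR-style decision: enrich always; high severity auto-isolates unless the
    host is protected (then request approval) and disables non-system accounts."""
    host, user = event["Hostname"], event["User"]
    actions = [{"action": "enrich", "host": host, "user": user}]
    if rule["level"] != "high":
        return actions + [{"action": "open_ticket", "title": rule["title"]}]
    if host in protected_hosts:
        actions.append({"action": "request_approval", "host": host, "proposed": "isolate_host"})
    else:
        actions.append({"action": "isolate_host", "host": host})
    if not user.upper().startswith("NT AUTHORITY\\"):
        actions.append({"action": "disable_account", "user": user})
    return actions

if __name__ == "__main__":
    for title, event_id in run_detections(RULES, EVENTS):
        print(f"ALERT {title!r} fired on EventID {event_id}")
    print("ATT&CK gaps:", coverage_gaps(RULES, {"T1003.001", "T1059.001", "T1021.002"}))
```

Running it prints the two expected alerts and the single coverage gap (T1021.002). The condition evaluator deliberately handles only `a and not b` style conjunctions; a real Sigma backend also handles `or`, parentheses and aggregations. The guard rails in `plan_containment` are the kind of approval gates that keep an automated playbook from isolating a domain controller or disabling SYSTEM on a single rule hit.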

Requirements:

  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences
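Two of the requirements above, data analysis for anomaly detection and hypothesis-driven hunting, usually come down to stacking: count how many hosts exhibit a behaviour and review the long tail. The Python below is an added example rather than anything from the posting or from AlphaSense. It builds a constructed 20-workstation baseline plus two planted anomalies, surfaces parent/child process pairs seen on a single host, and flags accounts present on an unusual number of hosts using a z-score. Hostnames, account names, process names and thresholds are assumptions.

```python
"""Threat-hunting stack analysis over constructed process telemetry: rare
parent/child pairs (long-tail prevalence) and users present on an unusual
number of hosts (z-score). Hostnames, users and processes are made up."""
import statistics
from collections import defaultdict

# Each row: (hostname, user, parent_image, image). A 20-host baseline where every
# workstation shows the same three benign pairs, plus two constructed anomalies.
def _baseline_fleet(n_hosts=20):
    rows = []
    for i in range(1, n_hosts + 1):
        host, user = f"ws-{i:02d}", f"CORP\\u{i:02d}"
        for parent, image in (("explorer.exe", "outlook.exe"),
                              ("explorer.exe", "chrome.exe"),
                              ("services.exe", "svchost.exe")):
            rows.append((host, user, parent, image))
    return rows

TELEMETRY = _baseline_fleet() + [
    # Hypothesis 1: Office spawning a shell, then a LOLBin, on a single host.
    ("ws-07", "CORP\\u07", "winword.exe", "cmd.exe"),
    ("ws-07", "CORP\\u07", "cmd.exe", "certutil.exe"),
] + [
    # Hypothesis 2: one account fanning out across many hosts (lateral movement
    # or a mis-scoped service account; either way worth a look).
    (f"ws-{i:02d}", "CORP\\svc_backup", "svchost.exe", "robocopy.exe")
    for i in (3, 9, 11, 14, 18)
]

def stack_by(rows, key):
    """Stack counting: map key(row) -> set of hosts on which it was observed."""
    prevalence = defaultdict(set)
    for row in rows:
        prevalence[key(row)].add(row[0])
    return prevalence

def rare_parent_child(rows, max_hosts=1):
    """Parent/child pairs seen on at most max_hosts hosts, i.e. the long tail a
    hunter reviews first; fleet-wide pairs drop out as baseline."""
    prevalence = stack_by(rows, key=lambda r: (r[2], r[3]))
    return sorted((pair, sorted(hosts)) for pair, hosts in prevalence.items()
                  if len(hosts) <= max_hosts)

def hosts_per_user_outliers(rows, z_threshold=3.0):
    """Users whose distinct-host count sits z_threshold standard deviations above
    the fleet mean. Returns (user, host_count, z) tuples, highest z first."""
    hosts_by_user = stack_by(rows, key=lambda r: r[1])
    counts = {user: len(hosts) for user, hosts in hosts_by_user.items()}
    mean, sd = statistics.fmean(counts.values()), statistics.stdev(counts.values())
    if sd == 0:  # a perfectly uniform fleet has no outliers by this measure
        return []
    scored = ((user, n, round((n - mean) / sd, 2)) for user, n in counts.items())
    return sorted((s for s in scored if s[2] >= z_threshold), key=lambda s: -s[2])

if __name__ == "__main__":
    for (parent, child), hosts in rare_parent_child(TELEMETRY):
        print(f"rare pair {parent} -> {child} on {hosts}")
    for user, n, z in hosts_per_user_outliers(TELEMETRY):
        print(f"user {user} seen on {n} hosts (z={z})")
```

Both functions run unchanged over real rows exported from an EDR, Osquery or Velociraptor hunt. The z-score measure assumes a roughly unimodal fleet, so service accounts that legitimately touch every host should be baselined out before scoring or they will dominate the result.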

Nice to have:

  • Experience with YARA-L
  • Deep familiarity with Detection Frameworks and detection engineering quality frameworks
  • Proven track record implementing SOAR platforms from architecture through operationalization, with experience evaluating multiple platforms
  • Advanced knowledge of CrowdStrike Falcon platform including custom IOA rules
  • Background in purple team activities, adversary emulation, or red teaming
  • Experience with CI/CD practices for detection-as-code and automation-as-code
  • Contributions to open-source security projects or security certifications (GCDA, GCIH, GCIA, GCFA, OSCP, or equivalent)
  • Knowledge of security data lakes (Snowflake, BigQuery) and experience with threat intelligence platforms (TIP)
  • Published research, blog posts, or conference presentations on detection engineering, automation, or threat hunting topics

Additional Information:

Job Posted:
February 03, 2026

Work Type:
Remote work

Similar Jobs for Staff Detection and Response Engineer

Staff Security Engineer

At hyperexponential, we’re building the AI-powered platform that enables the wor...
Location: United Kingdom, London
Salary: Not provided
Company: hyperexponential
Expiration Date: Until further notice
Requirements
  • Built or significantly contributed to security programmes from the ground up, establishing foundational security controls, compliance readiness, and incident response capabilities
  • Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent), including multi-account strategies, identity and access management, network security, and data protection
  • Driven technical security improvements by writing code, building tools, and implementing controls that scaled with company growth
  • Integrated security into development workflows through DevSecOps practices including automated testing, secrets management, container security, and infrastructure-as-code security
  • Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar), mapping technical controls to compliance requirements and guiding teams through audit cycles
  • Built trust with engineering teams by contributing technically and making security collaborative and frictionless
  • Balanced security rigor with business goals, making risk-based trade-offs that enabled growth while protecting customers and the business
  • Evaluated security implications of AI/ML systems, including understanding AI-specific risks and implementing controls to secure them
Job Responsibility
  • Build hx's security programme from the ground up, setting direction for security architecture, compliance, and incident response as we scale globally
  • Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform, ensuring systems are secure by design
  • Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines without slowing teams down
  • Lead or contribute to compliance initiatives (SOC2, ISO27001) by implementing technical controls and working cross-functionally with legal, engineering, and business teams to enable enterprise sales
  • Build security automation and tooling by writing code and scripts that scale security practices, detect vulnerabilities, and enforce policies efficiently
  • Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions
  • Act as a trusted voice in critical moments: responding to incidents, unblocking teams on security questions, and keeping high-stakes initiatives secure and on track
  • Assess and secure AI-powered systems across hx's platform, implementing controls that enable safe adoption of AI while mitigating risks like prompt injection, data leakage, and model vulnerabilities
What we offer
  • £5,000 training and conference budget for individual and group development
  • 25 days of holiday plus 8 bank holidays (33 days total)
  • Company pension scheme via Penfold
  • Mental health support and therapy via Spectrum.life
  • Individual wellbeing allowance via Juno
  • Private healthcare insurance through AXA
  • Income protection and Life Insurance
  • Cycle to Work Scheme
  • Top-spec equipment (laptop, screens, adjustable desks, etc.)
  • Regular remote and in-person hackathons, lunch and learns, socials, and game nights
  • Fulltime

Staff Cloud Security Engineer

We're making the world of digital assets accessible and secure for everyone. Joi...
Location: France, Paris
Salary: Not provided
Company: Ledger
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in DevSecOps & automation, security assessment, and cloud-native environments
  • 8+ years of experience on information security
  • Proficiency working in Unix/Linux environments, Git, Python, Terraform, Kubernetes, AWS cloud solutions and architectures, CI/CD tools, configuration management, etc.
  • Hands-on experience with security tooling deployment, monitoring, and incident response
  • Proven track record of cross-functional work, with the ability to collaborate effectively with various teams and stakeholders
  • Excellent presentation and written communication skills
  • Ability to work autonomously, deal with ambiguity, and handle high-pressure situations
Job Responsibility
  • Build and drive the cybersecurity transformation by integrating secure development practices, ensuring application security through automated scanning, and collaborating closely with the Infrastructure, Engineering, and product security (Donjon) teams
  • Collaborate with the Infrastructure, Engineering and Donjon teams to integrate security into delivery plans and ensure early detection and mitigation of security vulnerabilities
  • Work closely with the Donjon, the product security team, to provide automation and tooling for integrating product security evaluation into the CI/CD pipeline
  • Engage in proactive security practices, including penetration testing, vulnerability assessments, and infrastructure-as-code (IaC) security reviews, to ensure Ledger's platforms and applications are secure
  • Participate in the design and implementation of security architectures, from design through risk assessment
  • Act as the primary point of contact for any security incidents, ensuring rapid response, mitigation, and post-incident analysis
  • Drive the adoption of DevSecOps culture, best practices, and methodologies across the organization, ensuring continuous security improvement
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets, including Apple products
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime

Detection Engineer

At Boeing, we innovate and collaborate to make the world a better place. We’re c...
Location: Australia, Brisbane
Salary: Not provided
Company: Boeing
Expiration Date: Until further notice
Requirements
  • The ability to hold and maintain NV1 security clearance
  • Minimum of 5 years of experience in information security, with a focus on SIEM technologies, particularly Splunk
  • A diploma or degree in cyber security, IT, related discipline or equivalent experience
  • Strong experience in onboarding systems and applications into SIEM environments
  • Familiarity with application monitoring best practices and tools
  • Proven experience in creating detection use cases based on threat intelligence and threat assessments
  • Familiarity with threat intelligence tools, and their application in security operations
  • Relevant certifications related to Splunk, or incident handling are a plus
  • Excellent analytical and problem-solving skills, demonstrating attention to detail
  • Strong communication skills, both verbal and written, with the ability to convey complex security concepts to non-technical stakeholders
Job Responsibility
  • Lead the design, implementation, and configuration of SIEM solutions tailored to Boeing Australia's organisational needs
  • Develop monitoring plans in collaboration with system SMEs and onboard monitoring into the SIEM environment
  • Utilise threat management tools such as MISP to collect, analyse, and share threat intelligence effectively. Integrate threat intelligence into the SIEM environment to enhance detection and response capabilities
  • Contribute to Incident response, including detection, containment, eradication, and recovery phases. Contribute to post-incident analysis to identify root causes and recommend improvements to prevent future incidents
  • Prepare and present reports on security metrics, detections, incidents, and trends to management
  • Work closely with cross-functional teams to enhance overall security awareness and practices
  • Provide mentorship to junior security staff on SIEM technologies, onboarding processes, detection use cases, and incident response procedures.
What we offer
  • Flexible working options
  • Study assistance
  • Salary packaging
  • Employee Incentive Program
  • Global opportunities
  • Fulltime

Staff Detection Engineer

Crusoe Security & Compliance is hiring a Senior Detection Engineer to play a cri...
Location: United States, San Francisco
Salary: 165,000 - 200,000 USD / year
Company: Crusoe
Expiration Date: Until further notice
Requirements
  • Minimum of 6+ years in cybersecurity, with a focus on detection and response
  • Technical proficiency in protecting on-premises computing environments and with one or more major cloud computing environments
  • Strong expertise in incident handling and forensic investigation
  • Strong knowledge of the cyber threat landscape and ability to articulate and incorporate understanding of major threat categories, motivations, and intent of adversaries
  • Automation-first mindset and demonstrated expertise in mentoring and training peers in security engineering skill sets
  • Experience in at least one programming language (Python, Go, C, C++) or deep expertise using low-code automation tools or SOAR platforms
  • Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical understanding
  • Familiarity with modern infrastructure tools such as Docker, Kubernetes, Ansible, CloudFormation and Terraform
  • Experience building and scaling open source security observability solutions
  • Experience with Unix/Linux environments
Job Responsibility
  • Develop and execute a comprehensive security operations strategy that aligns with organizational goals
  • Evaluate and implement emerging security technologies and methodologies
  • Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal)
  • Design, implement, and fine-tune advanced detection mechanisms
  • Continuously tune alerting rules to reduce false positives and enhance our signal-to-noise ratio
  • Perform forensics and lead response efforts during security incidents
  • Drive the advancement and growth of detection and automation initiatives
  • Manage security event monitoring, management, response workflows, and tasks
  • Improve security operations by developing measurement capabilities and metrics
  • Author comprehensive runbooks, write automation scripts, and build SOAR capabilities
What we offer
  • Restricted Stock Units
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
  • Fulltime

Sr Solution Architect

Do you enjoy solving problems, looking at problems through a different lens, and...
Location: United Kingdom, Multiple Locations
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Proven success and expertise in architecting innovative solutions primarily in a client-facing role
  • Ability to quickly build relationships and credibility with customers
  • Ability to build trust to drive change with customers
  • Track record of delivering quality solutions as a technical leader
  • Executes recognized Architectural methods, processes and tools
  • A passion for learning about and experimenting with new technologies
  • Confidence in creating and delivering technical presentations and training
  • Excellent organization and planning skills
  • Bachelor’s degree relevant to Information Technology/Computer Science, Engineering (or equivalent)
  • Technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, Microsoft Defender, Azure, Azure Security Center, and Sentinel
Job Responsibility
  • Business to Technology Strategy: Articulating value propositions for the most strategic Microsoft products and services
  • Actively and insightfully listen to translate and articulate customer challenges and translate these to business objectives and project outcomes
  • Support the sales process and provide input on contract, staffing, assumptions and risks
  • Quantify the needs of the business to achieve value outcomes, champion the required methodology, capture and reuse IP, and share best practices
  • Demonstrate ability to match technical solutions with customer business requirements
  • Technology Delivery Management: Strong leadership of Technical Delivery teams, driving high performance and collaboration in complex matrix environments
  • Demonstrate an understanding of, and champion, customer/partner change management and adoption principles
  • Own Delivery Excellence
  • Demonstrate expertise in chosen field, drive opportunities to accelerate the adoption of the Microsoft Cloud
  • Drive and support innovation focusing on industry solutions and customer business outcomes on the Microsoft platform
  • Fulltime

Cybersecurity Engineer

The Cybersecurity Engineer will focus on crafting comprehensive cybersecurity po...
Location: United States of America, Highland
Salary: 96,000 - 113,000 USD / year
Company: Basler Electric
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • Minimum 5 years of experience in a related field
  • Professional security certifications such as CISSP and Security+ are highly desirable
  • Proven experience in developing and implementing cybersecurity policies
  • Familiarity with NIST 800-171 and other relevant security guidelines and frameworks
  • Strong knowledge of malware analysis and incident response procedures
  • Proficiency in managing patching software and understanding of patch management best practices
  • Familiarity with Microsoft Active Directory, Windows Servers, and SCCM
  • Ability to support end users at a Tier 1 level
  • Familiarity with troubleshooting Microsoft Office products
Job Responsibility
  • Work with Director of IT and Systems Administrator to develop, implement, and maintain cybersecurity policies and procedures
  • Respond to cybersecurity questionnaires from clients, partners, and regulatory bodies
  • Investigate and respond to malware events, including detection, analysis, and remediation
  • Manage and oversee patching software to ensure systems and applications are up-to-date with the latest security patches
  • Maintain the OS patch schedule and third-party software updates, including testing and deployment
  • Monitor and manage MDR (Managed Detection and Response) and investigate antivirus/malware events
  • Manage various security software applications for the entire organization
  • Collaborate with IT teams to address vulnerabilities and enhance overall security posture
  • Ensure servers and other information systems conform to system hardening best practices
  • Conduct regular security audits and assessments to ensure compliance with established policies and standards
What we offer
  • Medical
  • Prescription
  • Dental
  • Vision
  • Life
  • AD&D insurance
  • 401k plan
  • Paid vacation, holiday, and sick leave