Build alerts and automation workflows to improve capabilities to detect and response to external and internal security threats
Manage our logging pipelines and infrastructure and onboard new logging sources to improve our detection coverage
Develop and maintain internal tooling to expand and automate team detection and response capabilities
Respond to alerts generated from our tooling and run incidents as part of an on-call rotation
Collaborate with cross team partners
Hunt for previously undetected threats in our environment
Leverage AI to streamline and enhance the efficiency, accuracy, and coverage of security engineering.

Bachelor’s degree in Computer Science, Cybersecurity or a related field or equivalent experience
Strong knowledge of intrusion detection and incident response with an engineering focus in a modern cloud first environment
Knowledge of the attacker lifecycle, common attack and detection techniques
Hands on experience with writing SIEM queries for alerting, response, and threat hunting
Experience consuming threat intel and applying it to improve detection capabilities
Familiarity with using multiple sources of telemetry for threat investigations: Eg. EDR, Osquery, Firewall logs
Understanding of networking technologies and/or network security, basic TCP/IP network fundamentals
Depth in ideally MacOS internals, or alternatively in Linux/UNIX or Windows internals, persistence mechanisms, privilege escalation techniques
Scripting or automation experience (e.g., Python, Go, Ruby) for tool development or integration
Demonstrated ability to use AI to improve speed and quality in your day-to-day workflow for relevant outputs.
Strong track record of critical evaluation and verification of AI-assisted work (e.g., testing, source-checking, data validation, peer review).
High integrity and ownership: you protect sensitive data, avoid over-reliance on AI, and remain accountable for final decisions and deliverables.

Security Software Engineer II, Detection and Response

Key skills