Crossover Health is creating a new model of healthcare focused on wellbeing and prevention. The Security Engineer (Detection and Response) will build and operate detection and response capabilities, designing and automating workflows to protect the organization's people, data, and systems.
Responsibilities:
- Incident Response: Detect, analyze, and respond to security incidents, ensuring timely remediation, documentation, and lessons learned
- Detection Engineering: Develop, tune, and maintain detection logic across SIEM, EDR, IDS, and related platforms to improve visibility and reduce false positives
- SOAR & Automation: Build and maintain SOAR playbooks and scripts to automate alert triage, response actions, and routine operational tasks
- Threat Intelligence & Analysis: Correlate threat intelligence with internal telemetry to identify emerging risks and inform new detection capabilities
- Security Monitoring: Operate and enhance monitoring systems to identify potential threats across cloud, endpoint, and network environments
- Security Awareness & Reporting: Support awareness and phishing programs, and deliver clear, actionable reporting and communications on security posture and incidents to leadership
- Data Loss Prevention: Develop DLP rules and processes to detect and prevent data loss or misuse across cloud, endpoint, and email systems
Requirements:
- 6+ years of experience in security operations, incident response, or threat detection, with demonstrated technical leadership
- Strong hands-on expertise with SIEM, EDR, IDS/IPS, and SOAR platforms
- Deep understanding of security event analysis, threat intelligence, and response automation
- Experience developing and maintaining incident response playbooks, runbooks, and operational processes
- Solid knowledge of network, endpoint, and cloud security fundamentals
- Excellent communication and collaboration skills, with the ability to lead cross-functional response efforts and convey complex security topics clearly
- Strong organizational and problem-solving skills
- Security-related certifications, such as CISSP, GCIH, GSOC, and/or other professional certifications
- Experience implementing and/or managing Jira workflows and configurations
- Development experience or working knowledge of common coding languages
- Prior experience with HIPAA regulations and clinical environments