Staff Detection and Response Engineer

1 hour, 13 minutes ago
Full-time
Lead
DevOps and Infrastructure
AlphaSense

AlphaSense develops an artificial intelligence-based search platform that enables investment and corporate professionals to quickly access and analyze extensive financial data and market insights from over 500 million documents, enhancing decision-maki...

Internet Software & Services
251-1K
Founded 2011
$770M raised

Description

  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM, EDR, and cloud platforms.
  • Lead detection strategy and architecture aligned with detection quality frameworks.
  • Write high-fidelity detection rules using languages such as SIGMA and YARA-L.
  • Perform deep log source analysis, threat modeling, adversary emulation, and MITRE ATT&CK mapping maintenance.
  • Conduct detection gap analysis and continuously improve detection coverage and quality.
  • Create and maintain detection playbooks, runbooks, and supporting documentation.
  • Develop automated response playbooks and integrate security tools through APIs for SOAR workflows.
  • Build automated enrichment and containment actions to accelerate and scale incident response.
  • Co-lead the threat hunting program, including strategy, methodology, and campaign planning.
  • Execute proactive threat hunts, analyze anomalous behavior, and develop hunting automation and tooling.

Requirements

  • 7+ years of experience in security operations, including 3+ years in detection engineering.
  • Deep expertise in creating high-fidelity detection rules using SIGMA, YARA-L, KQL, or SPL.
  • Proven experience building detection strategies across SIEM, EDR, and cloud platforms using MITRE ATT&CK.
  • Expert knowledge of SOAR platforms such as Tines, Splunk SOAR, or Cortex XSOAR.
  • Experience designing and implementing SOAR platform architecture from concept to production.
  • Advanced Python scripting and automation development skills for API integrations and tool orchestration.
  • Strong threat hunting experience, including hypothesis development and campaign execution.
  • Hands-on experience with Jupyter Notebooks, Osquery, and Velociraptor for data analysis and hunting.
  • Deep understanding of attack techniques, lateral movement, persistence, and post-exploitation TTPs across Windows, Linux, and macOS.
  • Familiarity with security frameworks such as MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models.
  • Ability to lead technical initiatives, mentor team members, and communicate complex technical concepts effectively.
  • Preferred: experience with YARA-L, CrowdStrike Falcon custom IOA rules, purple team activities, CI/CD for detection-as-code, security certifications, security data lakes, threat intelligence platforms, or published security research.

Benefits

  • High-impact leadership role with ownership of critical security capabilities.
  • Opportunity to architect and build a SOAR platform from the ground up.
  • Chance to lead major SIEM migration efforts and other greenfield initiatives.
  • Work on a modern security stack protecting a large enterprise customer base.
  • High autonomy and influence over security architecture, tool evaluation, and team direction.
  • Join a growing security team with clear structure and growth opportunities.
  • Split time between strategic architecture work and hands-on investigation and hunting.
  • Opportunity to use and advance detection-as-code, automation-as-code, and data-driven security practices.
