Security Engineer, Detection & Response - Monitoring & Triage

Full-time
Senior
Cybersecurity
Block

Block is a company that consists of Square, Cash App, Spiral, TIDAL, TBD, and foundational teams. They are focused on economic empowerment by creating tools to expand access to the economy. Square helps sellers run and grow businesses, Cash App redefin...

Capital Markets
10K-50K
Founded 2009

Description

  • Own daily security intake across alert queues, Slack channels, and walk-in escalations from teams across Block.
  • Investigate and drive resolution of security events end to end, including endpoint detections, cloud/SaaS alerts, malware, supply chain issues, and hands-on-keyboard activity.
  • Pivot across endpoint, identity, cloud, SaaS, network, DNS, and application telemetry to build timelines, test hypotheses, determine scope, and assess impact.
  • Run nuanced investigations across non-uniform environments where device posture, identity models, and telemetry differ significantly.
  • Turn recurring investigative patterns into durable improvements by recommending detections, automating triage workflows, refining automation logic, and clarifying escalation paths.
  • Identify structural gaps surfaced during investigations and push for durable fixes such as stronger controls, better telemetry, and updated runbooks.
  • Define containment criteria, organize investigation threads, coordinate responders, drive status updates, and follow through on lessons learned.
  • Lead cross-team efforts that improve investigation quality, response readiness, and operational maturity.
  • Present interesting findings to the broader team and participate in tabletop exercises and post-incident reviews.

Requirements

  • 5+ years of experience in detection and response, incident response, security engineering, or equivalent hands-on investigative experience.
  • Strong investigative judgment across endpoint, identity, cloud, SaaS, network, and application security signals.
  • AWS and Kubernetes security fundamentals, cloud-native logging, networking, and Linux systems experience.
  • Experience leading incidents end to end, including scoping, containment, evidence collection, impact assessment, and stakeholder communication.
  • Strong SQL and log-query/analysis skills across large, messy telemetry sets.
  • Current, practical working knowledge of attacker TTPs across macOS, Windows, and Linux, including live response and forensics.
  • An established AI development workflow.
  • Experience building, tuning, or maintaining detections, investigation workflows, or internal security tooling.
  • An engineering mindset focused on eliminating manual patterns through detection, workflow, control, or automation changes.
  • Ability to work independently across time zones and manage competing priorities with empathy, patience, and curiosity.
  • Experience with threat intelligence and threat hunting, preferred.
  • Experience with malware analysis, forensic artifact collection, or reversing, preferred.
  • Experience working with human-in-the-loop automation or AI-assisted investigation systems, preferred.

Benefits

  • Remote work.
  • Medical insurance.
  • Flexible time off.
  • Retirement savings plans.
  • Modern family planning support.
  • Inclusive interview experience with reasonable accommodations for disabled applicants.
  • Globally distributed work environment with cross-time-zone collaboration.
