Sr. Staff Security Engineer, Incident Response

Full-time
Lead
Cybersecurity
Databricks

Databricks is the pioneering data intelligence platform, empowering organizations worldwide to solve complex data challenges with AI-driven analytics solutions.

IT Services
1K-5K
Founded 2013
$4450M raised

Description

  • Lead complex security investigations, impact analysis, and crisis management for major incidents using the Incident Management System (IMS).
  • Drive the organization’s incident response strategy, roadmap, and multi-year technology direction across critical security areas.
  • Develop and improve threat detection and response programs to reduce MTTD and MTTR.
  • Architect security automation and orchestration frameworks for alert triage, pre-investigation analysis, and response workflows.
  • Analyze malicious activity across cloud layers, correlate logs from multiple sources, and identify security and logging gaps.
  • Work across AWS, Azure, and GCP environments to understand architecture, security limits, and cloud forensics.
  • Communicate investigation findings and security decisions to executive leadership and other stakeholders.
  • Mentor technical team members and help elevate team productivity through tools, systems, policies, presentations, and blogs.
  • Collaborate across departments to integrate security practices into the organization and product development lifecycle.

Requirements

  • 12+ years of experience in security, with a strong focus on incident response, detection, and/or threat intelligence, or an advanced degree with 8+ years of experience.
  • Deep expertise in Incident Management and Incident Response tool development.
  • Knowledge of Azure and AWS cloud concepts, with the ability to analyze logs and correlate sources to reconstruct attack scenarios.
  • Ability to identify logging gaps and recommend configurations that support incident response needs.
  • Strong digital forensics experience across network, application/log analysis, host/disk, memory/malware, cloud, and endpoint forensics.
  • Ability to discuss advanced concepts such as virtualized networking, advanced network anomalies, and container forensics.
  • Detailed understanding of enterprise security incidents and malware on endpoints.
  • Expert understanding of macOS security posture and architecture.
  • Proficiency with SIEM and SOAR platforms, EDR solutions, and forensic analysis tools.
  • Experience using AI and automation technologies to improve security operations and threat detection.
  • Strong communication skills, including the ability to write design docs and deliver tech talks.
  • Proven ability to build, mentor, and lead high-performing cybersecurity teams.
  • U.S. citizenship required; role is open only to United States citizens physically located in the United States.
  • Remote work is available within the U.S., with a preference for candidates based in the San Francisco/Bay Area or Seattle/Bellevue.

Benefits

  • Base salary range of $229,000-$314,800 USD for Zone 1, $206,100-$283,350 for Zone 2, $194,600-$267,650 for Zone 3, or $183,200-$251,900 for Zone 4.
  • Eligibility for an annual performance bonus.
  • Equity may be included in the total compensation package.
  • Comprehensive benefits and perks package.
  • Remote work within the U.S. is supported.
  • Preferred hiring consideration for candidates in the San Francisco/Bay Area or Seattle/Bellevue.

