Senior Security Engineer - Detection & Response - EU/UK

1 month, 2 weeks ago
Full-time
Lead
Cybersecurity
Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010

Description

  • Lead the incident response program and serve as incident commander during security events of all severity levels.
  • Monitor the environment for cyber threats and manage day-to-day security alerts through analysis, triage, and response.
  • Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from incidents.
  • Maintain and improve the Cybersecurity Incident Response Plan, playbooks, runbooks, and standard operating procedures.
  • Participate in 24x7x365 on-call rotations and support post-incident reviews.
  • Research threat intelligence sources and lead hypothesis-driven threat hunting in corporate and production environments.
  • Partner with Security Engineering and Security Solution Engineering to tune tools, improve detections, and deploy detections through CI/CD pipelines.
  • Design, develop, and maintain detection logic using a detections-as-code approach for SIEM and EDR platforms.
  • Map detection coverage to MITRE ATT&CK and identify gaps to prioritize detection development.
  • Coordinate with HR, law enforcement, response retainers, cyber insurers, Fraud, Compliance, and Risk teams during relevant security incidents.

Requirements

  • 5+ years of hands-on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting.
  • Experience serving as an incident commander or leading incident response workstreams under pressure.
  • Strong knowledge of the NIST Incident Response Lifecycle and incident response documentation and procedures.
  • Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems.
  • Experience developing detections-as-code, including version control, CI/CD pipelines, and detection testing frameworks.
  • Working knowledge of MITRE ATT&CK and its use for assessing detection coverage and mapping threat actor TTPs.
  • Experience contributing to post-incident reviews and implementing improvements from lessons learned.
  • Solid understanding of threat actor TTPs and the ability to apply threat intelligence to detection and response.
  • Experience tuning security solutions and building automation workflows to improve monitoring and response efficiency.
  • Working knowledge of AWS cloud services and securing cloud environments.
  • Experience in payment processing, fintech, or another highly regulated environment; familiarity with PCI DSS incident handling is a plus.
  • Ability to communicate effectively with technical and non-technical stakeholders during incidents and investigations.
  • Proven ability to work independently and judge when to engage teammates or escalate issues.
  • Willingness to mentor and support junior security professionals.
  • UK-based and able to work remotely anywhere in the UK or from the London office.

Benefits

  • Premium private medical and dental coverage.
  • Generous time off program with additional floating holiday days.
  • Retirement savings program with company contribution.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Monthly stipend to support remote work.
  • Annual development stipend for growth and development.
  • Family-forming benefits and up to 20 weeks of parental leave.
  • Wellbeing programs including Modern Health and HealthKick.
