Stripe

Stripe is a global technology company that provides financial infrastructure for the internet. They offer a suite of APIs and tools for businesses to accept online and in-person payments, automate financial processes, and embed financial services in th...

Diversified Financial Services
5K-10K
Founded 2009
$8700M raised

Description

  • Design, build, and tune high-fidelity detections across modern SIEM platforms for adversary techniques across the full attack lifecycle.
  • Develop detection hypotheses by researching attacker tradecraft, identifying evidence sources, and mapping detection opportunities to available telemetry.
  • Conduct hypothesis-driven threat hunts to uncover malicious activity, identify detection gaps, and validate security controls.
  • Perform malware analysis and reverse engineering to extract indicators and inform detection strategies.
  • Build network-based and endpoint-based detections across Windows, Linux, and macOS using logs, EDR telemetry, memory artifacts, and protocol analysis.
  • Partner with Threat Intelligence to turn intel reports into detections, hunting leads, and enrichment logic.
  • Collaborate with incident response, SOC, and offensive security teams to validate and refine detections using real-world incidents and red team exercises.
  • Build data pipelines, automation, and tooling to support detection-as-code and scalable deployment.
  • Map and prioritize detection coverage against MITRE ATT&CK across key attack surfaces.
  • Lead projects, mentor teammates, and uphold quality standards within the team.

Requirements

  • 5+ years of experience in detection engineering, threat hunting, or security operations.
  • Experience writing detection logic in modern SIEM platforms such as Splunk, Chronicle, Elastic, CrowdStrike NG-SIEM, Panther, or Microsoft Sentinel.
  • Strong understanding of adversary tradecraft across the attack lifecycle, including initial access, privilege escalation, lateral movement, defense evasion, persistence, and exfiltration.
  • Ability to extract TTPs from threat intelligence reports and translate them into detection opportunities.
  • Experience developing network-based and endpoint-based detections across Windows, Linux, and macOS.
  • Experience analyzing telemetry from endpoint, network, cloud (AWS, GCP, or Azure), identity, and application log sources.
  • Proficiency in detection/query languages such as SPL, KQL, EQL, YARA-L, or SQL, and programming in Python or a similar language.
  • Strong communication skills with the ability to document detection logic and explain findings to technical and non-technical audiences.
  • Adversarial mindset with the ability to think like an attacker to build effective detections.
  • Experience in fintech, financial services, or highly regulated environments is preferred.
  • Background in malware analysis, reverse engineering, or threat research is preferred.
  • Experience with purple team operations and collaborative detection validation is preferred.
  • Familiarity with big data platforms such as Databricks, Trino, or PySpark for large-scale log analysis is preferred.
  • Proficiency with AI/LLM-assisted development tools such as Claude Code, Cursor, or GitHub Copilot applied to detection workflows is preferred.
  • Interest in agentic automation using LLMs to augment hunting, tuning, or triage is preferred.
  • Experience with detection validation tools such as Atomic Red Team or ATT&CK Evaluations is preferred.
  • Contributions to open-source detection content, research, or conference presentations are preferred.
  • Relevant certifications such as HTB CDSA, GCIH, GCFA, GNFA, OSCP, TCM PMAT, or GREM are preferred.

