5+ years of experience across security engineering, software engineering, or data engineering
Strong programming skills in languages such as Python, Go, or similar
Hands-on experience with cloud platforms and modern infrastructure (AWS, Kubernetes, containers, IaC)
Background in centralized logging, SIEM tools, and data pipeline development
Familiarity with Git-based workflows and CI/CD automation
Understanding of threat actor behaviors, tactics, and techniques
Proven experience detecting, investigating, and responding to security incidents
Strong communication skills with the ability to collaborate and provide technical direction
Self-starter mindset with the ability to make independent decisions
Interest in applying AI/ML to cybersecurity challenges
Commitment to continuous learning and staying current in the field
Technical Skills
The team is particularly focused on candidates with experience in modern cloud security platforms, with a strong preference for Wiz. However, experience with comparable tools, such as CrowdStrike or other cloud/endpoint security solutions, is also highly relevant.
Additional areas of relevant exposure include:
AWS security and cloud-native controls
Identity and access management tools such as Okta
Endpoint and device management, including Mac and mobile environments
Building and scaling detection capabilities
Core Responsibilities
Build and enhance scalable detection capabilities using an engineering-first approach
Develop and maintain systems that identify and mitigate threats across the organization
Create detection logic as code (rule-based and ML-driven), incorporating automated testing and deployment pipelines
Manage incident response end-to-end, including monitoring, triage, and resolution (on-call participation required)
Improve detection and response processes through automation and AI-driven solutions
Ingest and structure security telemetry to support efficient querying, analytics, and investigations
Monitor evolving threats and implement controls to address new and emerging risks
Collaborate with engineering teams to integrate security into cloud-native architectures
Preferred / Nice-to-Have
Experience with Detection as Code frameworks
Strong foundation in data engineering or data science concepts
Experience building detection-focused data pipelines
Familiarity with analytics-driven or metrics-based security approaches (e.g., precision/recall)