🛠 Tech Stack

💼 About This Role

You'll join Notion's Detection and Response team to monitor, investigate, and respond to security events in a cloud-native environment. You'll take ownership of detections and response workflows, mentoring and leading an expanding team in Hyderabad. This role offers hands-on security operations with meaningful impact across a fast-growing company.

🎯 What You'll Do

• Investigate and respond to security alerts end-to-end.
• Participate in a 24/7 on-call rotation for incident response.
• Develop, tune, and maintain detection rules and workflows.
• Mentor and coach less-experienced security engineers.

📋 Requirements

• 7+ years experience in security operations or incident response.
• Experience with SIEM, EDR, and cloud-native platforms.
• Proficiency in Python or Bash for scripting and automation.
• Knowledge of attacker TTPs and frameworks like MITRE ATT&CK.

✨ Nice to Have

• Experience with Sigma, KQL, or Splunk SPL.
• Familiarity with cloud environments (AWS, GCP, Azure).
• Experience investigating identity platforms like Okta or Google Workspace.

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 💰 Equity package
• 🏥 Health, dental, and vision insurance
• 📈 401(k) matching
• 🏢 Hybrid work model with anchor days

📨 Hiring Process

The interview process includes a short coding exercise to assess problem-solving and automation skills.