14h ago

Detection Engineer

Remote - United States

$124k-$155k / year

full-time · mid · Remote · healthcare

💼 About This Role

You'll design, build, and improve detection capabilities across our security stack for a healthcare data collaboration platform. You will play a critical role in identifying threats, reducing risk, and enabling rapid response through high-fidelity detections and strong collaboration with Security Operations and Incident Response teams. This role stands out for leveraging Cyberhaven to build data exfiltration and insider risk detections.

🎯 What You'll Do

  • Design, develop, and maintain detection logic across endpoint, network, and cloud environments
  • Create and tune detections using CrowdStrike, Zscaler, SIEM, and DLP solutions
  • Leverage Cyberhaven to build data exfiltration and insider risk detections
  • Analyze logs and telemetry to identify attack patterns and anomalies

📋 Requirements

  • Strong experience with Data Loss Prevention (DLP) tools such as Cyberhaven and Microsoft Purview
  • Experience with CrowdStrike and Zscaler (or comparable EDR and network security platforms)
  • Deep understanding of Windows event logs and investigation-relevant artifacts
  • Experience with SIEM platforms, log management systems, and endpoint security tools

✨ Nice to Have

  • Experience building detections mapped to frameworks such as MITRE ATT&CK
  • Familiarity with scripting or query languages (e.g., Python, KQL, SPL, SQL)
  • Experience with insider threat or data exfiltration detection strategies

๐ŸŽ Benefits & Perks

  • 💰 Competitive compensation ($124k-$155k USD)
  • 🏥 Health insurance (implied)
  • 💻 Remote work
  • 💉 Vaccination requirements (flu, Tdap, COVID-19) - exemptions possible

📨 Hiring Process

Estimated timeline: 3-5 weeks · AI estimate

  1. Application Review · 1 week
  2. Recruiter Phone Screen · 30 min
  3. Technical Interview · 1 hour
  4. Hiring Manager Interview · 45 min
  5. Offer · 1 week