🛠 Tech Stack

💼 About This Role

You'll operate across incident response, platform quality, and operational improvement, handling high-severity escalations and ensuring tooling is fit for purpose. Your core impact will be shaping response automation and improving detection quality. This role offers direct engagement with engineering teams and customers on hard problems.

🎯 What You'll Do

• Handle complex incident response and escalation for high-severity incidents.
• Assess and improve telemetry and logging coverage across customer environments.
• Ensure SIEM and detection quality by evaluating data normalization and alert logic.
• Contribute to response automation quality by reviewing SOAR playbooks.
• Support technical needs across SOC, engineering, and customers.

📋 Requirements

• 5+ years in security operations, incident response, or detection engineering.
• Strong fluency in logging and telemetry evaluation and deficiency identification.
• Hands-on experience with SIEM platforms like Chronicle, Sentinel, or Splunk.
• Solid understanding of response automation including SOAR and containment logic.
• Working knowledge of cloud security architecture in AWS, Azure, or GCP.

✨ Nice to Have

• Multi-cloud breadth across AWS, Azure, and GCP.
• Experience with IaC (Terraform, CloudFormation) and DevSecOps.
• Familiarity with AI/LLM-based tooling for security workflows.

🎁 Benefits & Perks

• 🚀 Cutting-edge AI-driven cybersecurity technologies
• 🤝 Collaborative and innovative team
• 💰 Competitive salary and benefits
• 📈 Growth and development opportunities

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min
4. 4Offer· 15 min

🚩 Heads Up

• Role mixes incident response, detection engineering, and platform quality duties; may spread too thin.