Related skills: linux, aws, sql, kubernetes, incident response

Description
- Own daily security intake across alerts and walk-in escalations for security ops.
- Investigate and drive end-to-end resolution of security events (endpoint, cloud, SaaS, malware).
- Pivot across endpoint, identity, cloud, SaaS, and network telemetry to scope incidents.
- Run investigations across non-uniform environments with varied device posture and telemetry.
- Turn recurring patterns into durable improvements: new detections and automated triage.
- Identify gaps during investigations and push for durable fixes instead of one-off workarounds.
Requirements
- 5+ years in detection/response, IR, or security engineering.
- Strong investigative judgment across endpoint, identity, cloud, SaaS, and network signals.
- Experience leading incidents end-to-end: scoping, containment, comms.
- Strong SQL and log analysis across large telemetry.
- Knowledge of attacker TTPs across macOS, Windows, Linux; live response.
- Experience building, tuning, or maintaining detections, workflows, or internal tooling.
Benefits
- Remote work options
- Medical insurance
- Flexible time off
- Retirement savings plans
- Family planning support