Spotnana powers unparalleled global travel experiences.
Senior Detection and Response Engineer
Location
United States
Posted
13 hours ago
Salary
$150K - $190K / year
Seniority
Senior
Job Description
Senior Detection and Response Engineer
Spotnana
Role Description We are looking for a Detection & Response Engineer to join our Threat Detection & Response team. You'll build, tune, and maintain detection logic across a modern cloud-native security stack, investigate alerts and incidents end-to-end, and help mature our detection engineering and incident response capabilities. - Author, test, and maintain detection logic as code across SIEM, EDR, and cloud platforms - Investigate security alerts, triage findings, and escalate as appropriate - Lead and participate in incident response as both responder and incident commander - Conduct threat hunts informed by emerging TTPs and threat intelligence - Build and improve automation to accelerate detection, triage, and response workflows - Contribute to runbooks, playbooks, and post-incident documentation - Collaborate with engineering and infrastructure teams to improve logging coverage and signal quality Qualifications - 3+ years in a detection engineering, SOC, or incident response role - Hands-on detection-as-code experience — writing, testing, versioning, and deploying custom detection rules in a CI/CD or Git-based workflow - Strong custom detection authoring across at least one SIEM platform (ES|QL, KQL, SPL, or similar query languages) - Demonstrated alert investigation and triage skills — comfortable working from raw logs to root cause - Incident response experience in both responder and commander capacities, including coordination, containment, and post-incident review - Intermediate or above programming proficiency in Python or Go — able to build tooling, parse data, and automate workflows - Engineering background in building, deploying, or maintaining security systems (log pipelines, detection infrastructure, integration work) - Familiarity with the MITRE ATT&CK framework for mapping detections and threat hunts to adversary TTPs - Experience with at least one EDR platform (e.g., Microsoft Defender for Endpoint, CrowdStrike, SentinelOne) — writing custom queries and hunting beyond built-in alerts - Threat hunting experience using hypothesis-driven, intelligence-driven, or anomaly-driven approaches - Security log pipeline experience — building or maintaining ingestion from diverse sources (cloud APIs, webhook integrations, custom parsers) - Version control and CI/CD fluency — Git workflows for detection content Requirements - Preferred experience with AWS, Azure, and/or GCP security services and cloud-native logging (CloudTrail, Azure Activity Logs, GCP Audit Logs) - Elastic Security experience (detection rules, ES|QL, index and ingest pipeline familiarity) - Experience with identity-based attack detection (Entra ID, Okta, SSO/OIDC abuse patterns) - SOAR or security automation tooling experience — building response playbooks, enrichment workflows, or triage automation - API security monitoring or investigation experience - Exposure to Zero Trust architectures (Cloudflare, Zscaler, or similar) - Familiarity with threat intelligence platforms or feeds (MISP, OTX, abuse.ch) - Supply chain security awareness (npm, PyPI, container image compromise detection) - Strong written communication — able to produce clear incident reports, runbooks, and stakeholder updates Benefits - Base salary range: $150,000 - $190,000 per year, depending on a number of factors including the candidate’s working location - Pre-tax and ROTH 401(k) options via Fidelity with up to a 4% company match - Comprehensive benefit plans covering medical, dental, vision, life, and disability effective on your hire date. We cover 100% of your employee premiums and 85% of your eligible dependents - Pre-tax flexible spending account options for health, dependent care and commuter expenses - Flexible PTO in addition to 10 company holidays and an end-of-year company shutdown - Up to 26 weeks of parental leave - Monthly cell phone/internet stipend - Extra perks — IATAN travel membership, pet insurance, financial wellness tools, Calm app access, and more
Related Guides
Related Categories
Related Job Pages
More Engineer Jobs
Go Live Engineer
NerdioEmpowering MSPs and IT professionals to deploy, manage, and optimize virtual desktops in Microsoft Azure
• You’ll dive right in and be an instrumental member of our technical team and will be exposed to the Nerdio platform and our internal and external partners. • Work closely with our Partner Sales Managers (PSM's) to support sales with highly technical Microsoft Channel Partners and MSP's (Managed Service Providers) • Help Nerdio partners with their first several account implementations • Assist fellow Nerdio Support Engineers with trouble tickets and problem solving • Collaborate with technical team members to maintain, design, and enhance current tools and processes • Contribute to technical knowledge base and documentation • Contribute to the creative process of product enhancements and new features • Collaboration towards creating meaningful metrics towards go lives, partner implementation and MRR goals.
Engineer II - Information Engineer
AlphaSense IndiaAlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination. In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.
Role Description The role of Engineer II, Information Engineering is responsible for designing, building, and operating scalable enterprise platforms that power internal teams across the organization. This role approaches technology challenges with an engineering mindset - developing automated, reliable, and secure solutions that reduce manual work and enable teams to operate efficiently at scale. Our mission is to design, build, and operate secure, scalable IT platforms and identity services that power the company. We leverage engineering, automation, and deep systems expertise to reduce operational overhead, increase reliability, and support long-term organizational growth. This engineer will focus on identity and access management, enterprise systems engineering, enterprise security, and automation-driven platform development, while supporting complex technical initiatives across the organization. The role requires strong technical expertise, architectural thinking, and the ability to translate business needs into scalable engineering solutions. Working closely with cross-functional teams, the engineer will help shape the technical direction of enterprise systems while promoting best practices in automation, infrastructure management, and system reliability. This role provides an opportunity to directly impact the productivity, security, and scalability of the company as we continue to grow. Qualifications - Bachelor’s degree in Computer Science, Information Technology, or a related field, or an equivalent combination of experience and certifications. - Strong programming and scripting skills in Python, PowerShell, and Bash. - Experience integrating systems using RESTful APIs, authentication frameworks such as OAuth, and common data formats such as JSON and YAML. - Proficiency with Infrastructure as Code (IaC) tools such as Terraform. - Experience working with CI/CD pipelines and version control systems (Git) to manage infrastructure, automation, and configuration changes. - Experience designing and maintaining system integrations and automation using APIs and event-driven workflows. - Solid understanding of networking fundamentals, troubleshooting, and system performance optimization. - Experience in identity and access management platforms, particularly Okta and Okta Workflows, and experience designing secure identity architectures. - Strong problem-solving abilities with a structured and analytical approach to designing technical solutions. - Excellent communication skills with the ability to explain complex technical concepts to both technical and non-technical stakeholders. Requirements - Design and build automation-driven solutions and system integrations that reduce manual operational work and improve reliability across enterprise systems. - Develop and maintain internal platforms and services that support identity management, enterprise applications, and secure access to company resources. - Design, implement, and support networking and secure access technologies, including Zero Trust Network Access and identity-aware access controls. - Apply engineering best practices such as infrastructure as code, version control, testing, and CI/CD to enterprise systems and automation workflows. - Define and maintain architecture standards, design principles, and technical guidelines to ensure a consistent and scalable enterprise platform. - Collaborate with internal teams to understand business needs and translate them into secure, scalable engineering solutions. - Partner with Security and Compliance teams to support initiatives such as vulnerability management, patching, and incident response. - Contribute to technical planning and implementation of complex cross-functional technology initiatives. - Maintain documentation for system designs, integrations, and automation workflows to support long-term maintainability. - Provide technical mentorship and guidance to team members while promoting a culture of engineering excellence and continuous improvement. - Stay informed on emerging technologies and identify opportunities to improve platform reliability, security, and scalability. Benefits - AlphaSense is an equal-opportunity employer. - Commitment to a work environment that supports, inspires, and respects all individuals. - Reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances.
Engineer II – Information Engineer
AlphaSenseThe market intelligence and search platform trusted by over 3,500 leading organizations
• Design and build automation-driven solutions and system integrations that reduce manual operational work and improve reliability across enterprise systems. • Develop and maintain internal platforms and services that support identity management, enterprise applications, and secure access to company resources. • Design, implement, and support networking and secure access technologies, including Zero Trust Network Access and identity-aware access controls. • Apply engineering best practices such as infrastructure as code, version control, testing, and CI/CD to enterprise systems and automation workflows. • Define and maintain architecture standards, design principles, and technical guidelines to ensure a consistent and scalable enterprise platform. • Collaborate with internal teams to understand business needs and translate them into secure, scalable engineering solutions. • Partner with Security and Compliance teams to support initiatives such as vulnerability management, patching, and incident response. • Contribute to technical planning and implementation of complex cross-functional technology initiatives. • Maintain documentation for system designs, integrations, and automation workflows to support long-term maintainability. • Provide technical mentorship and guidance to team members while promoting a culture of engineering excellence and continuous improvement. • Stay informed on emerging technologies and identify opportunities to improve platform reliability, security, and scalability.
• Execute enterprise wireless deployments in campus and office environments • Perform predictive and post-deployment wireless surveys (Ekahau preferred) • Collect site information and validate environmental conditions • Troubleshoot coverage, interference, roaming, and authentication issues • Configure SSIDs, RF profiles, and wireless security policies • Produce wireless deliverables including survey reports, heatmaps, and validation documentation • Execute standardized wireless deployment workflows aligned with service offerings • Escalate advanced RF design challenges and architecture exceptions to senior engineers • Configure and support enterprise LAN infrastructure supporting wireless services • Implement VLANs, trunking, Spanning Tree Protocol (STP), Link Aggregation (LACP), and basic Quality of Service (QoS) • Support static routing and OSPF environments • Troubleshoot Layer 1–3 connectivity issues • Assist with network upgrades, refresh projects, and lifecycle management • Maintain network documentation and topology diagrams • Support 802.1X authentication, RADIUS services, and Network Access Control (NAC) solutions • Assist with network segmentation and access control implementations • Follow established security, compliance, and change management standards • Complete ongoing security awareness training and comply with company policies to the requirements section • Identify and escalate security risks to the appropriate Executive Leadership Team member and actively contribute to remediation efforts
