Senior Security Operations Engineer, Detection & Response at Jobgether – United States

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Security Operations Engineer, Detection & Response in the United States.

This role offers a high-impact opportunity to strengthen and maintain an organization’s security posture across global cloud environments, endpoints, and SaaS platforms. You will lead threat detection, incident response, and continuous monitoring initiatives while serving as a subject matter expert in security operations. The position requires collaboration across multiple teams to improve detection coverage, automate workflows, and enhance overall security resilience. You will actively participate in 24/7 on-call rotations, drive the development of detection rules and runbooks, and mentor junior engineers. Ideal candidates thrive in fast-paced, high-pressure environments, enjoy solving complex security challenges, and are passionate about automation and process improvement. This is a role where your contributions directly protect organizational assets and empower teams to respond efficiently to threats.

• Lead investigations and coordinate response efforts for security incidents across global infrastructure, minimizing impact and recovery time
• Participate in 24/7 on-call rotations, managing active security events and incidents
• Develop and maintain detection rules, runbooks, and response procedures aligned with the organization’s threat model
• Triage and investigate alerts from tools such as EDR, CSPM, and cloud security platforms, reducing false positives and improving detection accuracy
• Automate alert triage workflows and enhance mean time to detection and response using tooling and AI enrichment
• Collaborate with Infrastructure, Application Security, and Enterprise Security teams to implement secure-by-design principles
• Conduct tabletop exercises and game days to test detection, response, recovery, and remediation capabilities
• Mentor junior security engineers and cross-functional team members on incident handling best practices

• 8+ years of professional experience in security, including at least 4 years in security operations, incident response, threat hunting, or threat detection
• Demonstrated experience leading security incident investigations and coordinating cross-team response efforts
• Hands-on experience with security tooling (SIEM, SOAR, EDR, CSPM) with focus on detection engineering and alert tuning
• Experience with cloud-native production environments and multi-cloud platforms (AWS, Azure, GCP)
• Proficiency in automation tools and scripting (Python, Terraform) and leveraging AI for workflow improvements
• Strong understanding of attacker tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK
• Excellent communication skills for both technical and non-technical stakeholders
• Ability to work effectively in a distributed, remote environment and manage high-pressure situations calmly

Preferred / Nice-to-Have:

• Experience with tools such as Wiz, Crowdstrike, Jamf, Okta, and Google Workspace
• Knowledge of Kubernetes-based environments and SaaS integrations
• Relevant certifications (GCIH, GCIA, GCFA, or equivalent)
• Experience with eDiscovery, digital forensics, or bug bounty management
• Contributions to open source security tooling or detection content

• Competitive salary range: $175,000 – $212,000 USD (select locations: $194,000 – $235,000 USD)
• Equity or comparable benefits depending on legal and geographic limitations
• Unlimited vacation policy
• 401(k) plan with 3% guaranteed contribution
• Comprehensive healthcare coverage
• Paid parental leave
• Wellness and home office stipends
• Professional development opportunities and a collaborative, inclusive work environment