Senior Threat Detection and Response Engineer – Blue Team

Job Description: • Lead internal threat detection and incident response capabilities. • Act as the primary operational owner and subject matter expert for the security tooling ecosystem. • Serve as the primary liaison and operational overseer of the virtual Security Operations Center (vSOC). • Ensure rapid detection, effective analysis, and initial containment of all security threats. • Manage the critical vulnerability management process. • Produce the monthly security newsletter and annual security awareness training. Requirements: • 5+ years of experience in Security Operations, Threat Hunting, Incident Response, or a closely related field. • Expert-level hands-on operational and tuning experience with one or more major platforms across EDR (e.g., CrowdStrike, SentinelOne), SIEM (e.g., Splunk, Microsoft Sentinel), and Cloud Security (e.g., CNAPP solutions) • Strong understanding of security alert analysis, log review, data correlation techniques, threat modeling, and alert suppression/refinement • Proven experience in incident triage, evidence preservation, chain of custody, and basic forensic analysis techniques. • You must have one of the following: CISSP-ISSAP, (ISC)²GIAC Certified Incident Handler (GCIH), GIAC Cyber Threat Intelligence (GCTI), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), Certified Ethical Hacker (CEH), EC-Council Certified Incident Handler (ECIH), Certified Computer Examiner (CCE), EnCase Certified Examiner (EnCE), Certified Forensic Computer Examiner (CFCE), CREST Registered Incident Handler (CRIH), CREST Certified Incident Manager (CCIM), ISO/IEC 27035 Lead Implementer, Certified Digital Forensics Examiner (CDFE) — Mile2CompTIA Cybersecurity Analyst (CySA+), CompTIA • Solid understanding of network protocols, operating system internals, and cloud environments (AWS, Azure, or GCP). • Deep understanding of threat detection and incident response within major cloud environments, including knowledge of cloud logging sources, native security tools, and common attack paths. • Familiarity with security concepts and threat detection within container orchestration platforms, such as Kubernetes, OpenShift. • Excellent communication, documentation, and partnership management skills. Benefits: • comprehensive medical and dental coverage • $50 a day food delivery budget • equity based employment • a great culture • learning opportunities • unlimited vacation • 12 weeks paid parental leave • $1,000 a year to travel somewhere new Apply tot his job