Staff Product Security Operations Engineer (Incident Response Lead)

Posted 2024-11-07

💎 Seniority level: Staff, 7+ years

📍 Location: USA

💸 Salary: 200000 - 275000 USD per year

🔍 Industry: Fintech

🗣️ Languages: English

⏳ Experience: 7+ years

🪄 Skills: AWS, Leadership, Project Management, Python, AWS EKS, Cybersecurity, Kubernetes, Product Management, Cross-functional Team Leadership, Amazon Web Services, Communication Skills, Analytical Skills, Collaboration

Requirements:
  • Seasoned Detection and Response Engineer with experience leading investigations, including containment actions and forensics.
  • 7+ years of experience with Detection and Response engineering, focusing on leading incidents.
  • Ability to handle high-pressure, complex situations calmly.
  • Strong ability to analyze and correlate information from multiple sources and engineer solutions.
  • Strong communication skills with the ability to address technical and non-technical audiences.
  • Experience with SecOps tooling like Elastic, Splunk, Hive, CrowdStrike Falcon, or similar.
  • Experience in creating automations to improve IR workflows (Python preferred).
  • Experience in developing native data ingestion and data normalization integrations.
  • Ability to lead large projects and work with cross-functional stakeholders.
  • Ability to partner with Legal & Compliance teams for incident reporting.
  • Experience in building actionable threat intelligence & hunting programs is a bonus.
Responsibilities:
  • Lead security incident response efforts driving detection & response across the organization from identification to post-incident retrospective.
  • Serve as incident commander in large-scale security incidents driving containment & remediation.
  • Be the senior escalation point for the team assisting with investigations and incidents.
  • Balance tactical & strategic thinking using facts & clear communications.
  • Provide briefings and status updates to technical and executive leadership during incidents.
  • Lead the development of security incident response playbooks and processes.
  • Contribute to engineering projects to improve monitoring, detection & response programs.
  • Collaborate with cross-functional teams on key security projects.
  • Lead incident response training and learning sessions across engineering and non-engineering teams.