Senior Security Engineer - Operations / Incident Response
Ondo Finance (Fintech / Crypto)
Remote (US), Full-Time, Senior
Salary not disclosed
Job Details
- Experience
- 3-5+ years
- Required Skills
- Python, Git
Requirements
- 3-5+ years of experience in security operations, detection engineering, or incident response.
- Deep, hands-on experience with at least one SIEM (e.g., Splunk, Panther, Elastic, Sentinel, Chronicle).
- Production experience with EDR tuning and incident response (e.g., CrowdStrike, SentinelOne, Defender).
- Working knowledge of email security tools and modern phishing TTPs.
- Strong scripting skills, specifically Python, and comfort with Git.
- Experience with SOAR or general security automation.
- Practical experience or a track record of evaluating and shipping AI/LLM tools into production security workflows.
- Operational maturity to lead incidents and drive organizational security improvements.
- Working fluency with cloud security telemetry in AWS, GCP, or Azure.
Responsibilities
- Manage the detection engineering lifecycle in the SIEM, including writing, tuning, and versioning detections.
- Deploy and maintain EDR policies and response playbooks for macOS and Linux fleets.
- Operate the email security stack, investigate phishing attempts, and drive user reporting.
- Build and maintain SOAR/response automation.
- Lead incident response efforts, including triage, containment, and post-mortem creation.
- Develop and operate AI-native workflows within the SecOps stack.
- Establish monitoring for internal AI usage and detect AI-driven threats against the organization.