Senior Security Engineer - Operations / Incident Response

Ondo Finance (Fintech / Crypto)
Remote (US), Full-Time, Senior
Salary not disclosed

Job Details

Experience
3-5+ years
Required Skills
Python, Git

Requirements

  • 3-5+ years of experience in security operations, detection engineering, or incident response.
  • Deep, hands-on experience with at least one SIEM (e.g., Splunk, Panther, Elastic, Sentinel, Chronicle).
  • Production experience with EDR tuning and incident response (e.g., CrowdStrike, SentinelOne, Defender).
  • Working knowledge of email security tools and modern phishing TTPs.
  • Strong scripting skills, specifically Python, and comfort with Git.
  • Experience with SOAR or general security automation.
  • Practical experience or a track record of evaluating and shipping AI/LLM tools into production security workflows.
  • Operational maturity to lead incidents and drive organizational security improvements.
  • Working fluency with cloud security telemetry in AWS, GCP, or Azure.

Responsibilities

  • Manage the detection engineering lifecycle in the SIEM, including writing, tuning, and versioning detections.
  • Deploy and maintain EDR policies and response playbooks for macOS and Linux fleets.
  • Operate the email security stack, investigate phishing attempts, and drive user reporting.
  • Build and maintain SOAR/response automation.
  • Lead incident response efforts, including triage, containment, and post-mortem creation.
  • Develop and operate AI-native workflows within the SecOps stack.
  • Establish monitoring for internal AI usage and detect AI-driven threats against the organization.