Posted: 18 June
The role
Requirements
6+ years in cybersecurity, with a focus on detection, response, and automation.
Technical proficiency with protection of on-premise computing environments and one or more major cloud environments (GCP a plus).
Experience with network security at scale.
Experience working with and implementing Detection as Code workflows.
Strong expertise in incident handling and forensic investigation.
Strong knowledge of the modern cyber threat landscape.
Automation‑first mindset, including experience integrating AI into response workflows.
Experience integrating threat intel into automated response workflows.
Demonstrated expertise in mentoring and training peers in security engineering.
Expertise in Python scripting and automation.
Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical levels.
Familiarity with modern infrastructure tools, such as Terraform, Docker, Kubernetes, and Ansible.
Experience building and scaling open‑source security observability solutions.
Experience with Unix/Linux environments.
Experience responding to incidents on Windows and Mac endpoints.
Self‑motivated, with good communication and writing skills.
Must be able to pass a background check.
Embody the company values.
What the job involves
Crusoe Security & Compliance is hiring a Senior Detection Engineer to play a critical role in safeguarding Crusoe, our customers, and ensuring our security posture remains robust against emerging threats.
This role involves influencing the detection strategy, creation, tuning, validation, and correlation to maintain effective detections against an ever‑changing threat landscape. The role is hands‑on, encompassing the development of detection technologies and incident response.
Leadership & Strategy
Develop and execute a comprehensive security operations strategy that aligns with organizational goals, ensuring robust protection against current and future cyber threats.
Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.
Partner with stakeholders and cross‑functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.
Detection and Incident Response
Design, implement, and fine‑tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.
Continuously tune alerting rules to reduce false positives and enhance our signal‑to‑noise ratio.
Perform forensics and lead response efforts during security incidents, including triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.
Operational Security
Drive the advancement and growth of detection and automation initiatives.
Manage security event monitoring, management, response workflows, and tasks.
Improve security operations by developing measurement capabilities and metrics to track and communicate performance, coverage, and risk.
Automation and Improvement
Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
Create, maintain, and manage a library of automated playbooks to address new threats and tactics employed by attackers.
Documentation and Compliance
Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of services being delivered.
Support ongoing security compliance, audit, and certification programs (e.g., HIPAA, SOC 2).
#J-18808-Ljbffr
