Sr. Threat Detection and Response Engineer
Vancouver, BC
We are committed to diversity as both a moral and business imperative.
About the Role
The security landscape is constantly evolving. Threat actors and their techniques adapt, which requires us to stay vigilant and keep innovating our detection and response strategies. The DnR team exists to quickly detect and respond to threats targeting the Highspot Platform and the organization.
As a Senior member of the Detection and Response team, you will lead the maturation of our detection and response processes and capabilities to better defend the organization. You will be on the front lines, developing new capabilities as Highspot evolves to fortify and safeguard it against threat actors. This role supports the overall security strategy by providing high-visibility, high-fidelity detection capabilities and investigative technical analysis of adversary Tactics, Techniques, and Procedures (TTPs) and behaviors.
This hands-on technical role involves solving complex security problems spanning network infrastructure monitoring, Security Orchestration, Automation and Response (SOAR), digital forensics, and threat intelligence.
This role reports to the Director of Detection and Response and requires close collaboration with DevOps, Product Security, and IT.
What You'll Do
- Build new security detections to support daily operations and enable faster, more accurate identification of threats.
- Leverage threat intelligence and intrusion data on adversary behavior to create new high-fidelity security detections.
- Conduct research to understand emerging trends, provide feedback to security leadership, and provide a voice to influence the DnR Strategic Roadmap.
- Create, track, and iterate on metrics of the detection engineering process to show progress towards goals, and track gaps in detection coverage.
- Collaborate on ways to improve detection and response capabilities.
- Champion the team’s mission and regularly communicate/collaborate with internal business units and stakeholders outside of the security organizational structure.
- Take charge as Incident Commander and lead coordinated response, moving swiftly and accurately to enlist partners to contain and eradicate threat actors.
- Provide detailed post-mortem reports capturing lessons learned, and create action items to improve processes, workflows, and security posture.
- Foster relationships between internal security organizations, product teams, and non-technical teams as a security champion to provide security consultation as they develop product features, infrastructure, workflows, and processes.
Your Background
- Proficiency in at least one (not necessarily all) of the following areas: Incident Response, Threat Hunting, Threat Intelligence, Detection Engineering.
- A deep understanding of threat actor TTPs and of the frameworks used to model them (MITRE ATT&CK, the Diamond Model, the Cyber Kill Chain).
- A proven decision maker with experience developing innovative solutions in the domains of Threat Intelligence, Threat Hunting, Detection Engineering, and Incident Response.
- Written and verbal communication skills to describe security event details and technical analysis to audiences within the security organization and to both technical and non-technical groups.
- Experience with threat hunting on a large, enterprise network both as an individual and leading exercises with other team members.
- An understanding of log analysis across multiple sources (endpoint, IDS, network, cloud, etc.) to identify and investigate security events and incidents.
- A natural curiosity to investigate the how and why of security incidents.
- Passionate about stopping adversaries with both well established proven methodologies and innovative techniques/processes.
- Ability to operate independently, make decisions, take action, and take ownership.
- A customer-service-oriented approach to partnering with business partners and stakeholders across the organization.
Equal Opportunity Statement
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of any grounds protected by applicable human rights legislation, which may include age, ancestry, citizenship, color, ethnicity, family status, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or invisible disabilities, political belief, race, religion, or sexual orientation.
Did you read the requirements as a checklist and not tick every box? Don't rule yourself out! If this role resonates with you, hit the 'apply' button.
Perks/benefits: Flex hours Health care Team events