Sr. Threat Detection and Response Engineer

Vancouver, BC

Applications have closed
About Highspot

Highspot helps sales teams improve customer conversations and achieve their revenue goals. From content optimization and performance analytics to in-context training, guided selling, and more, the Highspot platform delivers enterprise-ready features in a modern design that sales reps and marketers love. Using Highspot, marketing leaders have deep insights and analytics into the performance and influenced revenue of content, campaigns, and marketing assets. What makes the solution special? It’s loved by sales reps globally, and is the #1 rated sales enablement platform on G2 Crowd.
We are committed to diversity as both a moral and business imperative. 
About the Role

The Security landscape is constantly evolving. Threat Actors and techniques adapt, which requires us to be constantly vigilant and innovating detection and response strategies. The DnR team operates to quickly detect and respond to threats targeting our Highspot Platform and organization.
As a Senior member of the Detection and Response Team, you will lead the maturity of detection and response processes and capabilities to better defend the organization. You will be on the front lines of innovation developing capabilities focused on building solutions as Highspot evolves to fortify and safeguard against Threat Actors. This role will support the overall Security Strategy by providing high visibility, high fidelity detection capabilities and investigative technical analysis of adversarial Tactics, Techniques, and Procedures/Behaviors.
This hands-on technical role will involve solving complex security problems surrounding Monitoring Network Infrastructure, Security Orchestration Automation and Response (SOAR), Digital Forensics, and Threat Intelligence.
This role will report to the Director of Detection and Response and require heavy collaboration with DevOps, Product Security, and IT.

What You'll Do

  • Build new security detections to support daily operations and faster, more accurate, identification of threats.
  • Leverage threat intelligence and intrusion data of adversary behaviors to create new high-fidelity security detections.
  • Conduct research to understand emerging trends, provide feedback to security leadership, and provide a voice to influence the DnR Strategic Roadmap.
  • Create, track, and iterate on metrics of the detection engineering process to show progress towards goals, and track gaps in detection coverage.
  • Collaborate on ways to improve detection and response capabilities.
  • Champion the team’s mission and regularly communicate/collaborate with internal business units and stakeholders outside of the security organizational structure. 
  • Take charge as Incident Commander and Lead Coordinated Response. Possess the ability to move swiftly and accurately to seek support from partners to contain and eradicate Threat Actors.
  • Provide detailed Post Mortem Reports for lessons learned and create action items to improve processes, workflows, and security posture.
  • Foster relationships between internal security organizations, product teams, and non-technical teams as a security champion to provide security consultation as they develop product features, infrastructure, workflows, and processes. 

Your Background

  • Proficiency in at least one (Not Necessarily All) of the following areas: Incident Response/Threat Hunting/Threat Intelligence/Detection Engineering.
  • A deep understanding of Threat Actor TTPs (MITRE ATT&CK, Diamond, Cyber Kill Chain).
  • A proven decision maker with experience developing innovative solutions in the domains of Threat Intelligence, Threat Hunting, Detection Engineering, and Incident Response.
  • Written and verbal communication skills to describe security event details and technical analysis with audiences within the cybersecurity organization and both Technical and Non-Technical groups.
  • Experience with threat hunting on a large, enterprise network both as an individual and leading exercises with other team members.
  • An understanding of log analysis from multiple sources (Endpoint, IDS, Network, Cloud, etc.) to identify and investigate security events and incidents.
  • Possesses a natural curiosity to investigate the how and why of security incidents. 
  • Passionate about stopping adversaries with both well established proven methodologies and innovative techniques/processes.
  • Ability to operate independently, make decisions, take action, and take ownership.
  • Customer Service-oriented approach in partnering with Organization Business Partners and Stakeholders.  

Benefits

  • Comprehensive medical, dental, vision, disability, and life benefits
  • Group Retirement Savings Plan (RRSP) and matching employer contributions (DPSP) with immediate vesting
  • 3 Weeks of Paid Vacation
  • Generous Holiday Schedule + 5 Days for Annual Holiday Week
  • Recharge Fridays (company wide mental health days)
  • Flexible work schedules
  • Professional development opportunities through BetterUp and LinkedIn Learning
  • Discounted ClassPass membership
  • Access to Coaches and Therapists through Modern Health
  • 2 Volunteer days per year

Equal Opportunity Statement

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of any grounds protected by applicable human rights legislation, which may include age, ancestry, citizenship, color, ethnicity, family status, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or invisible disabilities, political belief, race, religion, or sexual orientation.
Did you read the requirements as a checklist and not tick every box? Don't rule yourself out! If this role resonates with you, hit the ‘apply’ button.

Tags: Analytics Automation Cloud Cyber Kill Chain DevOps Forensics IDS Incident response Log analysis MITRE ATT&CK Monitoring Product security Security strategy SOAR Strategy Threat detection Threat intelligence TTPs

Perks/benefits: Flex hours Health care Team events

Region: North America
Country: Canada