Security Engineer, Detection and Response
About xAI
At xAI, we are driven by a mission to develop AI systems that not only understand the universe but also empower humanity in its quest for knowledge. Our dynamic and motivated team values engineering excellence and fosters a culture of curiosity and innovation. With a flat organizational structure, every team member is hands-on and contributes directly to our mission. We believe in recognizing initiative and delivering exceptional results, making a positive impact in the tech landscape.
Similar jobs
Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.
Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures. Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.
As a Senior Security Engineer focused on Detection & Response at Justworks, you will play a critical role in enhancing our security posture and protecting our clients' data. You will be responsible for designing and implementing advanced detection and response strategies to identify and remediate threats swiftly. Collaborating with cross-functional teams, you will lead initiatives to improve our security operations and ensure compliance with industry standards.
Sigma Computing
About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. 
Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.
KKR & Co. Inc.
COMPANY OVERVIEW
KKR & Co. Inc., a premier global investment firm, specializes in alternative asset management, capital markets, and insurance solutions. Our mission is to achieve compelling investment returns through a patient, disciplined approach, leveraging exceptional talent, and fostering growth in our portfolio companies and communities. KKR oversees investment funds that engage in private equity, credit, and real assets, while our insurance subsidiaries offer retirement, life, and reinsurance products managed by Global Atlantic Financial Group. References to KKR’s investments may encompass activities of its sponsored funds and insurance subsidiaries.
TEAM OVERVIEW
At KKR's Technology organization, we are a dynamic group of dedicated technologists and product managers, united by a common goal of delivering outstanding products and solutions that provide significant value to our stakeholders, clients, and investors. Our enthusiasm for technology and innovation propels us to create high-quality, impactful solutions that tackle complex challenges and adapt to the evolving demands of our sophisticated businesses. Collaboration is fundamental to our success. We cultivate an environment of open communication and continuous learning, fostering a culture that appreciates diverse perspectives and collective accomplishments. Our global presence allows us to incorporate varied viewpoints into our product and solution offerings, resulting in comprehensive, adaptable, and scalable solutions. We focus on delivering impactful results, prioritizing excellence while remaining nimble in response to the changing needs of our businesses.
POSITION OVERVIEW
We are on the lookout for a skilled SOC Engineer to enhance our Threat Detection & Response capabilities at KKR in either New York or Boston. This role is crucial for modernizing our operations through an engineering-first approach. You'll be dedicated to boosting the effectiveness of our analysts by implementing automation, tooling, and agentic/MCP-style workflows that enhance triage speed, case quality, and containment outcomes. This position requires you to be in the office five days a week. Your responsibilities will span across telemetry, case management, SOAR, and analyst workflows aimed at minimizing toil, improving consistency, and making response efforts more measurable and reliable. While detection engineering is an aspect of this role, the primary focus will be on signal and workflow engineering to ensure alerts are enriched, prioritized, routed, and linked to actionable response paths.
What Success Looks Like (6–12 months)
Significant reduction in analyst toil and time-to-triage through automation and standardized workflows.
Join Ramp as a Lead Detection & Response Specialist, where you will spearhead our cybersecurity efforts to protect our systems and data. You will play a crucial role in identifying, investigating, and responding to security incidents. Collaborate with a team of experts to implement proactive measures that ensure the integrity and security of our digital assets.
As a Product Manager for Cloud Detection & Response (CDR), you will play a pivotal role in creating a cohesive threat detection, investigation, and response experience for Datadog's Cloud Security Management solution. By integrating deep security telemetry from our Cloud SIEM, Workload Protection, and Cloud Security offerings, CDR enhances Datadog's observability platform, which includes APM traces, infrastructure metrics, and logs. This unified approach empowers security teams with a comprehensive, context-rich workflow to swiftly identify and respond to cloud threats. Collaborating with engineers, designers, and go-to-market teams, you will define this innovative product area and drive customer adoption and revenue growth. At Datadog, we value our office culture, fostering collaboration and creativity. We operate a hybrid workplace, enabling our Datadogs to achieve a harmonious work-life balance tailored to their needs.
The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture. At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.
Peloton Interactive, Inc.
Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.
Join Datadog as a Group Product Manager for our Cloud SIEM product, where you will empower security teams to proactively detect, investigate, and respond to threats within modern cloud and SaaS environments. In this pivotal role, you will set the strategic vision for our Threat Detection and Incident Response (TDIR) capabilities, significantly influencing how customers automate and scale their security operations. Your leadership will drive product strategy in areas such as detection engineering, case management, response workflows, and integrations, enabling security teams to transition seamlessly from alerts to actionable responses. We pride ourselves on fostering an inclusive and innovative office culture at Datadog, where collaboration and creativity thrive. Our hybrid workplace model allows our team members to achieve a work-life balance that is tailored to their individual needs.
FanDuel Inc.
Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.
Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats. As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.
Why Join Doppel
At Doppel, we are dedicated to combating one of the most significant threats posed by AI: mass-manufactured social engineering. With the rise of scams, deepfakes, and various social engineering attacks across digital platforms—including websites, social media, ads, and mobile applications—our mission is both straightforward and ambitious: to create a safer internet by outsmarting the rapidly evolving digital threats. Supported by esteemed investors such as a16z and Bessemer, and trusted by globally recognized brands like OpenAI, United Airlines, and Coinbase, Doppel is on a rapid growth trajectory. If you are motivated to tackle real-world challenges through innovative technology, we want to hear from you.
What We're Building
We are developing an AI-native defense platform against social engineering attacks. This involves creating scalable systems that monitor billions of domains, social media accounts, apps, and dark web forums, using AI agents to detect and neutralize digital threats.
What We're Looking For
We seek passionate engineers who excel at building and operating backend systems at scale. You should be capable of transforming ambiguous detection and product challenges into reliable production services and user interfaces that assist our operations and clients in identifying and mitigating threats. Your focus will be on high-throughput ingestion, enrichment, scoring and alerting pipelines, APIs and dashboards, threat-linking infrastructure, and dependable automation utilized by stakeholder teams daily.
Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK.
Key Responsibilities
Oversee Global Incident Response
Lead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents. Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place. Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts. Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements.
Enhance and Automate Security Operations
Design, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives. Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration. Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times. Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts. Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape. Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.
KKR & Co. Inc.
COMPANY OVERVIEW
KKR is a renowned global investment firm specializing in alternative asset management, capital markets, and insurance solutions. Our mission is to deliver compelling investment returns through a disciplined approach, exceptional talent, and a commitment to fostering growth within our portfolio and communities. KKR manages investment funds focused on private equity, credit, and real assets, and collaborates with strategic partners overseeing hedge funds. Our insurance subsidiaries, under Global Atlantic Financial Group, provide a range of retirement, life, and reinsurance products.
TEAM OVERVIEW
Within KKR's Technology organization, a team of dedicated technologists and product managers work together to create innovative solutions that add value for clients and stakeholders alike. Our commitment to technology and innovation drives us to develop impactful solutions that effectively address complex challenges while adapting to the evolving requirements of our sophisticated businesses. We believe that teamwork is essential for success and foster a culture of open collaboration, continuous learning, and diversity of thought.
POSITION OVERVIEW
We are looking for a skilled Blue Team Lead to become KKR's U.S. Regional Lead and primary escalation point for intricate cyber incidents within our Threat Detection & Response (TD&R) function, based in our New York or Boston office. This senior leadership position requires deep investigative expertise, responsibility for incident command, containment strategies, stakeholder communications, and readiness for response. This role mandates in-office presence five days a week. As KKR transitions to a more cloud-first and identity-first model, this role will play a crucial part in determining our response strategies, collaborating closely with our Managed Security Service Provider (MSSP), internal Computer Incident Response Team (CIRT), and engineering teams to achieve swift and consistent outcomes.
Join Our Mission at ZeroMark
ZeroMark is at the forefront of developing AI-driven counter-drone systems that are not just theoretical but have been proven in real combat situations. Our commitment is to create technology that genuinely saves lives without the fluff of PowerPoint presentations. We have witnessed remarkable growth, doubling our success over the past two years while securing contracts that affirm our belief that true innovation occurs in the field, not in sterile meeting rooms. Our cutting-edge systems enhance traditional weaponry to become intelligent platforms capable of detecting, tracking, and neutralizing drone threats efficiently, because we believe that a $200 drone should not necessitate a million-dollar countermeasure. At ZeroMark, our operators work hands-on, validating technology from Blackhawk helicopters, training with elite Tier-1 units, and testing at renowned ranges from White Sands to the cliffs of Hawaii. When we say our technology is field-tested, we mean it has been rigorously evaluated in active environments. We are action-oriented and focused on delivering impactful results. See us in action here. A sense of humor and resilience are essential. If you are driven to create real change and enjoy a dynamic work environment, we want to hear from you. We are dedicated to delivering practical, tested technology rather than just theories.
The Role
We are on the lookout for a motivated and experienced Principal Computer Vision Engineer to join our talented team. This position focuses on the development and optimization of advanced computer vision algorithms aimed at aerial object detection and tracking. The ideal candidate will possess a robust background in computer vision and deep learning, with experience preferred in the defense sector.
Major League Baseball
The Seasonal Incident Response and Threat Intelligence Analyst plays a critical role in safeguarding our organization against cybersecurity threats, fraud, and digital risks. This position is designed to identify, investigate, and respond to incidents that could affect Major League Baseball and its affiliates. By combining incident response, threat intelligence, digital risk protection, and fraud analysis, you will proactively detect risks, disrupt malicious activities, and enhance our defenses through actionable intelligence and thorough investigations.
Key Responsibilities:
Assist in security and fraud incident response efforts, coordinating with the virtual Security Operations Center (vSOC) and internal teams for incident identification, containment, remediation, and analysis. Enhance digital risk protection and threat intelligence initiatives, providing timely and actionable insights to support operational responses and threat modeling. Conduct sensitive digital and fraud investigations, producing clear and defensible investigative reports. Monitor and assess the cyber threat landscape, utilizing OSINT, deep/dark web sources, and industry tools to identify threats, vulnerabilities, and adversary tactics. Analyze system logs and user behavior to detect anomalies and high-risk patterns, developing strategies for mitigation and prevention.
CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.
Welcome to Okta
Okta is recognized as the world's leader in identity solutions, empowering users to securely access any technology, anywhere, on any device or application. Our innovative platforms, including the Okta and Auth0 offerings, are designed to provide secure access, robust authentication, and seamless automation, placing identity at the heart of business security and growth. At Okta, we embrace diverse perspectives and experiences. We seek lifelong learners and individuals who can contribute to our mission with their unique insights. Become a part of our vision! We are dedicated to creating a world where identity truly belongs to the individual. We are looking for a Director of Product Management for Identity Threat Detection and Response, a pivotal leadership role focused on advancing Okta's innovative identity security products. This position requires a solid technical background, a strong sense of product intuition, expertise in cybersecurity, and exceptional collaboration skills to influence the strategic direction of our security offerings. You will leverage your cross-functional influence to drive critical initiatives within this essential area. Based on the robust Okta Identity Cloud, our goal is to offer the most comprehensive, user-friendly, and secure Identity Security product suite available. This team oversees products such as Okta Identity Threat Protection with Okta AI, Okta ThreatInsight, and Okta Network Zones, among other vital security functionalities. Our customers rely on these solutions to protect their digital assets and ensure secure access for their users. Your role will be crucial in seamlessly integrating security into every aspect of our products. Success in this position requires a profound understanding of customer security needs, empathy for both end-user and administrator experiences, and the ability to strategically prioritize amidst competing demands from diverse Okta teams.
Claylabs
Role Overview Claylabs is hiring a Security Engineer in New York to help protect our digital infrastructure. This role focuses on finding vulnerabilities, putting security measures in place, and maintaining the integrity of our systems. What You Will Do Identify security vulnerabilities across systems and networks Implement technical safeguards to protect company assets Monitor and support the ongoing integrity of digital infrastructure Location This position is based in New York.
Sign in to browse more jobs
Create account — see all 3,884 results
Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.
Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures.Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.
As a Senior Security Engineer focused on Detection & Response at Justworks, you will play a critical role in enhancing our security posture and protecting our clients' data. You will be responsible for designing and implementing advanced detection and response strategies to identify and remediate threats swiftly. Collaborating with cross-functional teams, you will lead initiatives to improve our security operations and ensure compliance with industry standards.
Sigma Computing
About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. 
Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.
KKR & Co. Inc.
COMPANY OVERVIEW
KKR & Co. Inc., a premier global investment firm, specializes in alternative asset management, capital markets, and insurance solutions. Our mission is to achieve compelling investment returns through a patient, disciplined approach, leveraging exceptional talent, and fostering growth in our portfolio companies and communities. KKR oversees investment funds that engage in private equity, credit, and real assets, while our insurance subsidiaries offer retirement, life, and reinsurance products managed by Global Atlantic Financial Group. References to KKR’s investments may encompass activities of its sponsored funds and insurance subsidiaries.
TEAM OVERVIEW
At KKR's Technology organization, we are a dynamic group of dedicated technologists and product managers, united by a common goal of delivering outstanding products and solutions that provide significant value to our stakeholders, clients, and investors. Our enthusiasm for technology and innovation propels us to create high-quality, impactful solutions that tackle complex challenges and adapt to the evolving demands of our sophisticated businesses.
Collaboration is fundamental to our success. We cultivate an environment of open communication and continuous learning, fostering a culture that appreciates diverse perspectives and collective accomplishments. Our global presence allows us to incorporate varied viewpoints into our product and solution offerings, resulting in comprehensive, adaptable, and scalable solutions. We focus on delivering impactful results, prioritizing excellence while remaining nimble in response to the changing needs of our businesses.
POSITION OVERVIEW
We are on the lookout for a skilled SOC Engineer to enhance our Threat Detection & Response capabilities at KKR in either New York or Boston. This role is crucial for modernizing our operations through an engineering-first approach. You'll be dedicated to boosting the effectiveness of our analysts by implementing automation, tooling, and agentic/MCP-style workflows that enhance triage speed, case quality, and containment outcomes. This position requires you to be in the office five days a week.
Your responsibilities will span across telemetry, case management, SOAR, and analyst workflows aimed at minimizing toil, improving consistency, and making response efforts more measurable and reliable. While detection engineering is an aspect of this role, the primary focus will be on signal and workflow engineering to ensure alerts are enriched, prioritized, routed, and linked to actionable response paths.
What Success Looks Like (6–12 months)
Significant reduction in analyst toil and time-to-triage through automation and standardized workflows.
Join Ramp as a Lead Detection & Response Specialist, where you will spearhead our cybersecurity efforts to protect our systems and data. You will play a crucial role in identifying, investigating, and responding to security incidents. Collaborate with a team of experts to implement proactive measures that ensure the integrity and security of our digital assets.
As a Product Manager for Cloud Detection & Response (CDR), you will play a pivotal role in creating a cohesive threat detection, investigation, and response experience for Datadog's Cloud Security Management solution. By integrating deep security telemetry from our Cloud SIEM, Workload Protection, and Cloud Security offerings, CDR enhances Datadog's observability platform, which includes APM traces, infrastructure metrics, and logs. This unified approach empowers security teams with a comprehensive, context-rich workflow to swiftly identify and respond to cloud threats. Collaborating with engineers, designers, and go-to-market teams, you will define this innovative product area and drive customer adoption and revenue growth. At Datadog, we value our office culture, fostering collaboration and creativity. We operate a hybrid workplace, enabling our Datadogs to achieve a harmonious work-life balance tailored to their needs.
The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture.
At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.
Peloton Interactive, Inc.
Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.
Join Datadog as a Group Product Manager for our Cloud SIEM product, where you will empower security teams to proactively detect, investigate, and respond to threats within modern cloud and SaaS environments. In this pivotal role, you will set the strategic vision for our Threat Detection and Incident Response (TDIR) capabilities, significantly influencing how customers automate and scale their security operations. Your leadership will drive product strategy in areas such as detection engineering, case management, response workflows, and integrations, enabling security teams to transition seamlessly from alerts to actionable responses.
We pride ourselves on fostering an inclusive and innovative office culture at Datadog, where collaboration and creativity thrive. Our hybrid workplace model allows our team members to achieve a work-life balance that is tailored to their individual needs.
FanDuel Inc.
Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.
Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats.
As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.
Why Join Doppel
At Doppel, we are dedicated to combating one of the most significant threats posed by AI: mass-manufactured social engineering. With the rise of scams, deepfakes, and various social engineering attacks across digital platforms—including websites, social media, ads, and mobile applications—our mission is both straightforward and ambitious: to create a safer internet by outsmarting the rapidly evolving digital threats.
Supported by esteemed investors such as a16z and Bessemer, and trusted by globally recognized brands like OpenAI, United Airlines, and Coinbase, Doppel is on a rapid growth trajectory. If you are motivated to tackle real-world challenges through innovative technology, we want to hear from you.
What We're Building
We are developing an AI-native defense platform against social engineering attacks.
This involves creating scalable systems that monitor billions of domains, social media accounts, apps, and dark web forums, using AI agents to detect and neutralize digital threats.
What We're Looking For
We seek passionate engineers who excel at building and operating backend systems at scale. You should be capable of transforming ambiguous detection and product challenges into reliable production services and user interfaces that assist our operations and clients in identifying and mitigating threats. Your focus will be on high-throughput ingestion, enrichment, scoring and alerting pipelines, APIs and dashboards, threat-linking infrastructure, and dependable automation utilized by stakeholder teams daily.
Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK.
Key Responsibilities
Oversee Global Incident Response
Lead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents.
Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place.
Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts.
Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements.
Enhance and Automate Security Operations
Design, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives.
Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration.
Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times.
Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts.
Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape.
Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.
KKR & Co. Inc.
COMPANY OVERVIEW
KKR is a renowned global investment firm specializing in alternative asset management, capital markets, and insurance solutions. Our mission is to deliver compelling investment returns through a disciplined approach, exceptional talent, and a commitment to fostering growth within our portfolio and communities. KKR manages investment funds focused on private equity, credit, and real assets, and collaborates with strategic partners overseeing hedge funds. Our insurance subsidiaries, under Global Atlantic Financial Group, provide a range of retirement, life, and reinsurance products.
TEAM OVERVIEW
Within KKR's Technology organization, a team of dedicated technologists and product managers work together to create innovative solutions that add value for clients and stakeholders alike. Our commitment to technology and innovation drives us to develop impactful solutions that effectively address complex challenges while adapting to the evolving requirements of our sophisticated businesses. We believe that teamwork is essential for success and foster a culture of open collaboration, continuous learning, and diversity of thought.
POSITION OVERVIEW
We are looking for a skilled Blue Team Lead to become KKR's U.S. Regional Lead and primary escalation point for intricate cyber incidents within our Threat Detection & Response (TD&R) function, based in our New York or Boston office. This senior leadership position requires deep investigative expertise, responsibility for incident command, containment strategies, stakeholder communications, and readiness for response. This role mandates in-office presence five days a week.
As KKR transitions to a more cloud-first and identity-first model, this role will play a crucial part in determining our response strategies, collaborating closely with our Managed Security Service Provider (MSSP), internal Computer Incident Response Team (CIRT), and engineering teams to achieve swift and consistent outcomes.
Join Our Mission at ZeroMark
ZeroMark is at the forefront of developing AI-driven counter-drone systems that are not just theoretical but have been proven in real combat situations. Our commitment is to create technology that genuinely saves lives without the fluff of PowerPoint presentations.
We have witnessed remarkable growth, doubling our success over the past two years while securing contracts that affirm our belief that true innovation occurs in the field, not in sterile meeting rooms. Our cutting-edge systems enhance traditional weaponry to become intelligent platforms capable of detecting, tracking, and neutralizing drone threats efficiently, because we believe that a $200 drone should not necessitate a million-dollar countermeasure.
At ZeroMark, our operators work hands-on, validating technology from Blackhawk helicopters, training with elite Tier-1 units, and testing at renowned ranges from White Sands to the cliffs of Hawaii. When we say our technology is field-tested, we mean it has been rigorously evaluated in active environments. We are action-oriented and focused on delivering impactful results. See us in action here. A sense of humor and resilience are essential.
If you are driven to create real change and enjoy a dynamic work environment, we want to hear from you. We are dedicated to delivering practical, tested technology rather than just theories.
The Role
We are on the lookout for a motivated and experienced Principal Computer Vision Engineer to join our talented team. This position focuses on the development and optimization of advanced computer vision algorithms aimed at aerial object detection and tracking. The ideal candidate will possess a robust background in computer vision and deep learning, with experience preferred in the defense sector.
Major League Baseball
The Seasonal Incident Response and Threat Intelligence Analyst plays a critical role in safeguarding our organization against cybersecurity threats, fraud, and digital risks. This position is designed to identify, investigate, and respond to incidents that could affect Major League Baseball and its affiliates. By combining incident response, threat intelligence, digital risk protection, and fraud analysis, you will proactively detect risks, disrupt malicious activities, and enhance our defenses through actionable intelligence and thorough investigations.
Key Responsibilities:
Assist in security and fraud incident response efforts, coordinating with the virtual Security Operations Center (vSOC) and internal teams for incident identification, containment, remediation, and analysis.
Enhance digital risk protection and threat intelligence initiatives, providing timely and actionable insights to support operational responses and threat modeling.
Conduct sensitive digital and fraud investigations, producing clear and defensible investigative reports.
Monitor and assess the cyber threat landscape, utilizing OSINT, deep/dark web sources, and industry tools to identify threats, vulnerabilities, and adversary tactics.
Analyze system logs and user behavior to detect anomalies and high-risk patterns, developing strategies for mitigation and prevention.
CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.
Welcome to Okta
Okta is recognized as the world's leader in identity solutions, empowering users to securely access any technology, anywhere, on any device or application. Our innovative platforms, including the Okta and Auth0 offerings, are designed to provide secure access, robust authentication, and seamless automation, placing identity at the heart of business security and growth.
At Okta, we embrace diverse perspectives and experiences. We seek lifelong learners and individuals who can contribute to our mission with their unique insights.
Become a part of our vision! We are dedicated to creating a world where identity truly belongs to the individual.
We are looking for a Director of Product Management for Identity Threat Detection and Response, a pivotal leadership role focused on advancing Okta's innovative identity security products. This position requires a solid technical background, a strong sense of product intuition, expertise in cybersecurity, and exceptional collaboration skills to influence the strategic direction of our security offerings. You will leverage your cross-functional influence to drive critical initiatives within this essential area.
Based on the robust Okta Identity Cloud, our goal is to offer the most comprehensive, user-friendly, and secure Identity Security product suite available. This team oversees products such as Okta Identity Threat Protection with Okta AI, Okta ThreatInsight, and Okta Network Zones, among other vital security functionalities. Our customers rely on these solutions to protect their digital assets and ensure secure access for their users. Your role will be crucial in seamlessly integrating security into every aspect of our products.
Success in this position requires a profound understanding of customer security needs, empathy for both end-user and administrator experiences, and the ability to strategically prioritize amidst competing demands from diverse Okta teams.
Claylabs
Role Overview Claylabs is hiring a Security Engineer in New York to help protect our digital infrastructure. This role focuses on finding vulnerabilities, putting security measures in place, and maintaining the integrity of our systems. What You Will Do Identify security vulnerabilities across systems and networks Implement technical safeguards to protect company assets Monitor and support the ongoing integrity of digital infrastructure Location This position is based in New York.

