Experience Level
Manager
Qualifications
Ideal candidates will possess a strong background in cybersecurity, with extensive experience in detection and response strategies. Proficiency in security frameworks, incident response, and threat intelligence is essential. A proven track record of managing security incidents and developing effective response plans is highly desirable. Strong analytical skills and the ability to communicate technical concepts to non-technical stakeholders are crucial.
About the job
Join Ramp as a Lead Detection & Response Specialist, where you will spearhead our cybersecurity efforts to protect our systems and data. You will play a crucial role in identifying, investigating, and responding to security incidents. Collaborate with a team of experts to implement proactive measures that ensure the integrity and security of our digital assets.
About Ramp
Ramp is a dynamic technology company headquartered in New York City, dedicated to providing innovative solutions that enhance business efficiency and security. We pride ourselves on fostering a collaborative work environment that encourages creativity and professional growth.
As a Senior Security Engineer focused on Detection & Response at Justworks, you will play a critical role in enhancing our security posture and protecting our clients' data. You will be responsible for designing and implementing advanced detection and response strategies to identify and remediate threats swiftly. Collaborating with cross-functional teams, yo…
Full-time|$237.6K/yr - $297K/yr|On-site|San Francisco, CA; New York, NY
Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures. Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.
Full-time|$140K/yr - $180K/yr|On-site|New York, NY; Palo Alto, CA
Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.
Full-time|$200K/yr - $240K/yr|On-site|New York City, NY
About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. 
Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.
Full-time|$125K/yr - $150K/yr|On-site|New York or Boston
COMPANY OVERVIEW KKR & Co. Inc., a premier global investment firm, specializes in alternative asset management, capital markets, and insurance solutions. Our mission is to achieve compelling investment returns through a patient, disciplined approach, leveraging exceptional talent, and fostering growth in our portfolio companies and communities. KKR oversees investment funds that engage in private equity, credit, and real assets, while our insurance subsidiaries offer retirement, life, and reinsurance products managed by Global Atlantic Financial Group. References to KKR’s investments may encompass activities of its sponsored funds and insurance subsidiaries. TEAM OVERVIEW At KKR's Technology organization, we are a dynamic group of dedicated technologists and product managers, united by a common goal of delivering outstanding products and solutions that provide significant value to our stakeholders, clients, and investors. Our enthusiasm for technology and innovation propels us to create high-quality, impactful solutions that tackle complex challenges and adapt to the evolving demands of our sophisticated businesses. Collaboration is fundamental to our success. We cultivate an environment of open communication and continuous learning, fostering a culture that appreciates diverse perspectives and collective accomplishments. Our global presence allows us to incorporate varied viewpoints into our product and solution offerings, resulting in comprehensive, adaptable, and scalable solutions. We focus on delivering impactful results, prioritizing excellence while remaining nimble in response to the changing needs of our businesses. POSITION OVERVIEW We are on the lookout for a skilled SOC Engineer to enhance our Threat Detection & Response capabilities at KKR in either New York or Boston. This role is crucial for modernizing our operations through an engineering-first approach.
You'll be dedicated to boosting the effectiveness of our analysts by implementing automation, tooling, and agentic/MCP-style workflows that enhance triage speed, case quality, and containment outcomes. This position requires you to be in the office five days a week. Your responsibilities will span across telemetry, case management, SOAR, and analyst workflows aimed at minimizing toil, improving consistency, and making response efforts more measurable and reliable. While detection engineering is an aspect of this role, the primary focus will be on signal and workflow engineering to ensure alerts are enriched, prioritized, routed, and linked to actionable response paths. What Success Looks Like (6–12 months) Significant reduction in analyst toil and time-to-triage through automation and standardized workflows.
Full-time|$187K/yr - $240K/yr|Hybrid|New York, New York, USA
The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture. At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.
Full-time|$155K/yr - $195K/yr|Hybrid|New York, New York, USA
As a Product Manager for Cloud Detection & Response (CDR), you will play a pivotal role in creating a cohesive threat detection, investigation, and response experience for Datadog's Cloud Security Management solution. By integrating deep security telemetry from our Cloud SIEM, Workload Protection, and Cloud Security offerings, CDR enhances Datadog's observability platform, which includes APM traces, infrastructure metrics, and logs. This unified approach empowers security teams with a comprehensive, context-rich workflow to swiftly identify and respond to cloud threats. Collaborating with engineers, designers, and go-to-market teams, you will define this innovative product area and drive customer adoption and revenue growth. At Datadog, we value our office culture, fostering collaboration and creativity. We operate a hybrid workplace, enabling our Datadogs to achieve a harmonious work-life balance tailored to their needs.
Full-time|$146.6K/yr - $194.8K/yr|Hybrid|United States
Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.
Full-time|$234K/yr - $300K/yr|Hybrid|New York, New York, USA
Join Datadog as a Group Product Manager for our Cloud SIEM product, where you will empower security teams to proactively detect, investigate, and respond to threats within modern cloud and SaaS environments. In this pivotal role, you will set the strategic vision for our Threat Detection and Incident Response (TDIR) capabilities, significantly influencing how customers automate and scale their security operations. Your leadership will drive product strategy in areas such as detection engineering, case management, response workflows, and integrations, enabling security teams to transition seamlessly from alerts to actionable responses. We pride ourselves on fostering an inclusive and innovative office culture at Datadog, where collaboration and creativity thrive. Our hybrid workplace model allows our team members to achieve a work-life balance that is tailored to their individual needs.
Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.
Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats. As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.
Why Join Doppel At Doppel, we are dedicated to combating one of the most significant threats posed by AI: mass-manufactured social engineering. With the rise of scams, deepfakes, and various social engineering attacks across digital platforms—including websites, social media, ads, and mobile applications—our mission is both straightforward and ambitious: to create a safer internet by outsmarting the rapidly evolving digital threats. Supported by esteemed investors such as a16z and Bessemer, and trusted by globally recognized brands like OpenAI, United Airlines, and Coinbase, Doppel is on a rapid growth trajectory. If you are motivated to tackle real-world challenges through innovative technology, we want to hear from you. What We're Building We are developing an AI-native defense platform against social engineering attacks. This involves creating scalable systems that monitor billions of domains, social media accounts, apps, and dark web forums, using AI agents to detect and neutralize digital threats. What We're Looking For We seek passionate engineers who excel at building and operating backend systems at scale. You should be capable of transforming ambiguous detection and product challenges into reliable production services and user interfaces that assist our operations and clients in identifying and mitigating threats. Your focus will be on high-throughput ingestion, enrichment, scoring and alerting pipelines, APIs and dashboards, threat-linking infrastructure, and dependable automation utilized by stakeholder teams daily.
Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK. Key Responsibilities Oversee Global Incident Response Lead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents. Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place. Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts. Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements. Enhance and Automate Security Operations Design, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives. Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration. Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times. Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts. Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape. Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.
Full-time|$175.5K/yr - $215K/yr|On-site|New York, New York, United States
CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.
Full-time|$192K/yr - $240K/yr|On-site|New York, New York, United States
Why Join Us At Brex, we are transforming the way businesses manage their expenses through our innovative AI-powered spend platform. By integrating corporate cards, banking, and global payments with user-friendly software for travel and expenses, we empower companies—from startups to large enterprises like DoorDash, Flexport, and Compass—to control their spending proactively, reduce costs, and enhance efficiency on a global scale. Joining Brex means you will push boundaries, challenge conventional thinking, and collaborate with some of the brightest minds in the industry. We are dedicated to fostering a diverse team and inclusive culture, believing that your potential is only limited by your ambition. We provide you with the tools, resources, and support necessary to elevate your career. Engineering at Brex Our engineering approach at Brex focuses on building scalable systems with intention and speed. Our teams, which encompass Software, Data, Security, and IT, operate with a high degree of autonomy and foster deep collaboration. We take on complex technical challenges, take ownership of our results, and strive for excellence across all stages—from architecture to deployment. At Brex, engineering is a craft, and our builders evolve into leaders. Your Role As a Senior Security Operations Engineer at Brex, your mission will be to prevent, detect, and respond to security threats across our corporate and cloud environments. You will leverage existing systems and develop new tools to enhance our security capabilities. Our team is responsible for various functions in corporate security, detection & response, and infrastructure security domains, employing systems engineering and automation to support these functions. Security Operations is nested within our broader Trust & IT organization, providing opportunities to collaborate closely with Application Security, Corporate Engineering, Governance, Risk & Compliance (GRC), and IT.
You will work to enhance security configurations, promote positive employee behaviors, and prevent incidents from escalating. Furthermore, you will contribute to our open-source project Substation and have the chance to share insights on the Brex Tech Blog. You will be part of a team that actively engages with the broader security community, committed to mentorship and engineering excellence. We seek individuals with a robust background and a keen interest in detecting, responding to, and resolving security incidents and challenges. You should be passionate about security and eager to contribute to a forward-thinking team.
At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs. As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers. You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth. Your Impact Transform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure. Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases.
Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows. Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries. Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses. Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.
Full-time|$150K/yr - $180K/yr|On-site|New York or Boston
COMPANY OVERVIEW KKR is a renowned global investment firm specializing in alternative asset management, capital markets, and insurance solutions. Our mission is to deliver compelling investment returns through a disciplined approach, exceptional talent, and a commitment to fostering growth within our portfolio and communities. KKR manages investment funds focused on private equity, credit, and real assets, and collaborates with strategic partners overseeing hedge funds. Our insurance subsidiaries, under Global Atlantic Financial Group, provide a range of retirement, life, and reinsurance products. TEAM OVERVIEW Within KKR's Technology organization, a team of dedicated technologists and product managers work together to create innovative solutions that add value for clients and stakeholders alike. Our commitment to technology and innovation drives us to develop impactful solutions that effectively address complex challenges while adapting to the evolving requirements of our sophisticated businesses. We believe that teamwork is essential for success and foster a culture of open collaboration, continuous learning, and diversity of thought. POSITION OVERVIEW We are looking for a skilled Blue Team Lead to become KKR's U.S. Regional Lead and primary escalation point for intricate cyber incidents within our Threat Detection & Response (TD&R) function, based in our New York or Boston office. This senior leadership position requires deep investigative expertise, responsibility for incident command, containment strategies, stakeholder communications, and readiness for response. This role mandates in-office presence five days a week. As KKR transitions to a more cloud-first and identity-first model, this role will play a crucial part in determining our response strategies, collaborating closely with our Managed Security Service Provider (MSSP), internal Computer Incident Response Team (CIRT), and engineering teams to achieve swift and consistent outcomes.
Full-time|$165K/yr - $242K/yr|On-site|New York, NY / Sunnyvale, CA / Bellevue, WA
CoreWeave is the definitive cloud solution for AI™. Designed by innovators for innovators, we provide a robust platform of technology, tools, and expert teams that empower trailblazers to confidently build and scale AI solutions. Trusted by top AI research labs, startups, and global enterprises, CoreWeave merges exceptional infrastructure performance with profound technical know-how to expedite breakthroughs and transform computing power into actionable capability. Established in 2017, CoreWeave became publicly traded (Nasdaq: CRWV) in March 2025. Discover more at www.coreweave.com. What You Will Do: The Enterprise Security team at CoreWeave is tasked with safeguarding our daily operations—covering identity, endpoints, networks, and SaaS—ensuring the company can maintain agility without sacrificing security. This team is accountable for the controls, guardrails, and automation that protect our workforce, contractors, and vital business applications within a cloud-native environment. If you're passionate about zero trust, phishing-resistant MFA, and creating secure-by-default experiences that enhance productivity, this is the perfect team for you. About the Role: As a Senior Security Engineer, Enterprise Security, you will architect and implement the security measures that support CoreWeave's workforce and enterprise framework. You will spearhead projects related to identity, access management, device and endpoint security, and SaaS security—collaborating closely with IT Engineering, Endpoint, Network, and various security teams. Your routine will involve a blend of hands-on engineering (coding, building integrations, fine-tuning controls) and architecture and program leadership (setting standards, defining frameworks, and encouraging adoption across teams).
You will be accountable for transforming high-level goals—such as “implementing zero trust for workforce access” or “deploying phishing-resistant MFA at scale”—into tangible designs, automation, and quantifiable risk reduction. In this position, you will: Develop advanced identity and access controls
Full-time|$200K/yr - $240K/yr|On-site|New York City, NY
About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. 
Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY