Security Analyst - Detection and Incident Response

About ClickHouseRecognized as one of the most innovative and rapidly expanding private cloud companies on the 2025 Forbes Cloud 100 list, ClickHouse serves over 3,000 customers and has achieved an annual recurring revenue growth of over 250% year-over-year. We are at the forefront of real-time analytics, data warehousing, observability, and AI workloads.Our recent $400M Series D financing round validates our ongoing momentum. In the last three months, notable clients such as Capital One, Lovable, Decagon, Polymarket, and Airwallex have either adopted our platform or expanded their existing usage. These new clients join leading AI innovators and prominent global brands including Meta, Cursor, Sony, and Tesla.Join us on our mission to revolutionize the way businesses leverage data!The Security Team at ClickHouse is dedicated to delivering vital security solutions encompassing application, cloud, and enterprise security, incident response, detection, and governance, risk, and compliance (GRC). We are seeking a skilled and proactive security practitioner to enhance modern security protocols and tools, with a primary focus on improving our detection and incident response capabilities.

Join the forefront of cybersecurity as an Incident Response Engineer with reteam, where you will play a pivotal role in safeguarding our clients' digital assets.In this role, you'll lead investigations into security breaches, develop incident response strategies, and collaborate with cross-functional teams to enhance our security posture.As a key member of our team, you will be responsible for identifying vulnerabilities, conducting risk assessments, and implementing best practices to mitigate potential threats.

Join our team as an Incident Response Engineer, where you will play a critical role in enhancing our cybersecurity infrastructure and safeguarding our digital assets. In this dynamic position, you will be responsible for identifying, analyzing, and responding to security incidents while ensuring our systems remain resilient against potential threats.As an essential member of our security team, you will collaborate closely with both technical and non-technical stakeholders to develop effective incident response strategies, conduct post-incident reviews, and implement robust security measures.

This position is open to remote candidates across the U.S., with a preference for those located in the San Francisco/Bay Area or Seattle/Bellevue. U.S. citizenship is required.Databricks is on the lookout for a highly skilled and strategic Senior Staff Security Engineer specializing in Incident Response to bolster our Incident Response team. In this critical role, you will make decisions that will significantly influence the long-term success of Databricks' security framework, crafting solutions that pave the way for future opportunities even when paths are unclear. Your contributions will be vital in shaping a multi-year technology strategy for key sectors of our business, involving multiple systems and teams, and consistently delivering large-scale projects aligned with corporate objectives.The Incident Response team is dedicated to swiftly, effectively, and uniformly addressing security threats, incidents, and investigations to safeguard our customers, employees, and enterprise data. Utilizing Databricks' own platform for near-real-time log analytics, alerting, and forensics, we embody a philosophy of "Security for Databricks on Databricks." As a Senior Staff Security Engineer, you will tackle the most challenging Security Incident Response Team (SIRT) tasks, navigate complex, ambiguous problems, and enhance the organization’s efficiency through systems enablement, tool creation, or policy innovation.Your Impact:Strategic Direction & Technical Vision: Influence the organization's roadmap and lead discussions on vital technology domains, fostering adoption and contributing decisions with long-term implications for Databricks' success.Incident Leadership & Crisis Management: Spearhead intricate investigations and impact assessments, executing crisis management through the Incident Management System (IMS). Collaborate with various stakeholders and convey findings to executive leadership, ensuring effective handling of significant security incidents with minimal operational disruption.Advanced Threat Management: Demonstrate expert knowledge across all cloud services utilized by Databricks (AWS, Azure, GCP), possessing a deep understanding of the architecture of essential business components and articulating their security and risk parameters. Propel the creation of a sophisticated threat detection and response program aimed at significantly reducing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to security incidents.Technical Innovation & Automation: Design scalable security solutions that leverage automation to enhance incident response efficiency and effectiveness.

Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.

The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture.At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.

Founded in 2007, Airbnb has transformed hospitality by connecting over 5 million hosts with more than 2 billion guests worldwide. Our platform offers unique stays and experiences that foster authentic connections within communities.Join Our Community:The Threat Detection and Response (TDR) team at Airbnb is dedicated to enhancing security through automation and effective incident management. Our frontline team is responsible for the detection, investigation, and response to security threats.We are in search of an Engineering Manager to lead our Investigations & Incident Response team within our well-established TDR organization. This pivotal role merges incident response leadership with strategic oversight and engineering scalability.Your Impact:Develop and implement innovative strategies for detecting, containing, and mitigating security threats, advancing our incident response capabilities.Oversee all aspects of incident response and investigation, ensuring effective management from identification through recovery.Influence team operations, enhancing our response models, guiding incident execution, and driving automation and engineering solutions.Define the vision for a modern incident response function, ensuring investigations lead to significant enhancements in our security posture.Evaluate current capabilities, mapping out improvements across personnel, processes, and technology for global response effectiveness.Expand the function through automation, improved tooling, and optimized workflows to address repeatable challenges systematically.Act as a key liaison to senior leadership, articulating incident trends, risks, and strategic initiatives, while collaborating across the organization to translate incident insights into lasting security enhancements.Your Daily Responsibilities:Lead and mentor a diverse team of approximately 5 senior engineers.

Join Human as a strategic security leader, where you will spearhead our global incident response and investigative efforts. In this pivotal role, you will ensure our organization is fully equipped to prepare for, detect, and respond to security incidents affecting HUMAN, our service ventures, partners, and customers. Collaborating closely with engineering, infrastructure, legal, and business teams, you will enhance our incident handling and continuously improve our detection and response capabilities. As part of a dynamic team, you will also engage with adjacent security domains such as Governance, Risk & Compliance (GRC), product security, and corporate security as needed. This position is open to candidates on the USA East Coast or in the UK.Key ResponsibilitiesOversee Global Incident ResponseLead the incident response process from start to finish, providing both strategic direction and hands-on support during critical incidents.Manage the entire incident lifecycle – preparation, detection, triage, containment, eradication, recovery, and post-incident analysis – ensuring clear roles and communication plans are in place.Act as the Incident Response Commander (IRC) for major incidents, guiding the Cyber Security Incident Response Team (CSIRT) through technical investigations and remediation efforts.Develop and conduct regular tabletop exercises and simulations alongside Security, IT, Engineering, Legal, People, and Customer Operations teams to validate our readiness and drive enhancements.Enhance and Automate Security OperationsDesign, implement, and refine detection strategies across our technology landscape (including endpoint, network, cloud, SaaS, and identity) while actively pursuing proactive threat hunting initiatives.Analyze current and developing threats, transforming threat intelligence into actionable detection use cases, playbooks, and risk narratives for leadership consideration.Continuously enhance automation and orchestration, evolving detection, enrichment, and response workflows using scripting and AI-driven techniques to minimize detection and containment times.Enable Security, IT, and Engineering teams by providing reusable workflows, integrations, and comprehensive documentation instead of isolated scripts.Manage relationships with Managed Detection and Response (MDR), Security Operations Center (SOC), and other security vendors, ensuring playbooks and runbooks align with HUMAN’s threat landscape.Collaborate with engineering and cloud platform teams to strengthen security monitoring practices.

Join dstaff as the Information Security Incident Response Lead, where you will play a crucial role in protecting our organization from security threats. You will spearhead our incident response efforts, leading a team to swiftly address and mitigate security incidents, ensuring the integrity and confidentiality of our data.Your expertise in incident management and security protocols will be essential in developing strategies to enhance our response capabilities. This position offers a dynamic work environment where you will collaborate with various teams to implement security measures and improve our overall security posture.

Join Worldpay as an Incident Response Lead/Engineer in Offensive Security, where you will play a crucial role in safeguarding our systems against potential threats. Your expertise in incident response and offensive security will help us enhance our security posture, ensuring the integrity and confidentiality of our financial systems. Collaborate with a dynamic team of security professionals, leveraging cutting-edge technologies to identify vulnerabilities and respond to security incidents effectively.

Join Mapbox as an Engineering Manager for the Incident Response team, where you will lead critical initiatives to ensure seamless operation and resolution of incidents. In this strategic role, you will oversee a team of dedicated engineers, fostering a culture of collaboration and continuous improvement while managing the response to incidents effectively.

Join ClickHouse as a Senior Infrastructure Engineer!Recognized in the Forbes Cloud 100 list of 2025, ClickHouse is at the forefront of innovation in the private cloud sector. With a remarkable 250% year-over-year growth in Annual Recurring Revenue (ARR) and over 3,000 satisfied customers, we excel in providing real-time analytics, data warehousing, observability, and AI-driven solutions.Our recent $400M Series D funding round has further validated our growth trajectory, attracting clients like Capital One, Lovable, and Airwallex. These organizations are now leveraging our platform alongside industry giants such as Meta, Sony, and Tesla.We are on a mission to revolutionize data usage for businesses. Be a part of our exciting journey!As we expand our cloud data platform across AWS, GCP, and Azure, we are looking for a Senior Infrastructure Engineer to enhance the reliability, automation, and operations of our services on a global scale. In this hands-on, high-impact role, you will play a pivotal part in shaping our next-generation data platform, implementing automation and observability to ensure a seamless customer experience.

At Roblox, millions of users engage daily in a vibrant ecosystem of exploration, creativity, and connection within immersive 3D digital worlds, all crafted by our diverse community of developers and creators. We are dedicated to providing the tools and platform that empower our community to transform their imaginative experiences into reality. Our mission is to redefine how individuals connect globally, across any device, while fostering an environment of optimism and civility. We are seeking exceptional talent to join us on this journey to connect a billion people. A career with Roblox allows you to influence the future of human interaction, tackle unique technical challenges at scale, and contribute to creating safer, more respectful shared experiences for everyone.As a pivotal member of the Security Operations team, you will take the reins as the Incident Response Program Lead at Roblox headquarters. In this essential role, you will be responsible for developing, enhancing, and expanding our Security Incident Response Team (SIRT) capabilities across people, processes, and technology. You will architect our response maturity, transitioning us from reactive firefighting to a structured, highly coordinated operation. While you’ll remain hands-on during incidents, your primary focus will be to amplify our capabilities: ensuring that our alert pipeline, response procedures, tools, and capacities are deeply integrated with the entire organization. Collaborating closely with leadership, you will shape the roadmap for the Security Incident Response Team, work cohesively with Security Operations Center (SOC) operations, and ensure our team is well-equipped to protect Roblox’s platform, developers, and millions of users.

The Trade Desk is revolutionizing how global brands and their agencies engage with audiences worldwide. Our media buying platform enhances the ad experience for consumers, establishing new benchmarks for global reach, accuracy, and transparency. We take immense pride in our company culture, valuing the diverse experiences and viewpoints each individual contributes to The Trade Desk. We are dedicated to creating inclusive environments where everyone can authentically express themselves at work. If you are a talented, driven, and innovative professional eager to join a dynamic, globally-connected team, we would love to hear from you! WHAT WE DO: The SPIDER (Security Posture, Incident Detection Engineering & Response) team at The Trade Desk is committed to safeguarding the people, processes, and technologies that drive the open internet. We are in search of a seasoned and adaptable Security Operations Engineer to join our Cybersecurity Department, reporting within the Cybersecurity Incident Response Team, actively managing cybersecurity incidents across the enterprise.

As an Incident Response Expert III at Arsiem, you will be pivotal in identifying, analyzing, and mitigating security incidents. You will leverage your expertise to develop and implement effective incident response strategies, while collaborating with cross-functional teams to enhance our security posture.

Join us in revolutionizing the data storage industry at Pure Storage! As a Senior Security Operations Manager, you'll be at the forefront of innovative technology, leading a team that is shaping the future of security operations.This is your chance to engage in work that truly matters, as we transform the tech landscape. If you're ready to embrace a world of opportunities and make a significant impact, we invite you to be part of our dynamic team.THE ROLEThe Senior Security Operations Manager for Detection Engineering & Incident Response will spearhead the evolution of Pure’s Security Operations (SecOps) function encompassing Detection Engineering, Threat Intelligence, and Incident Response (CIDR). Your mission will be to revolutionize SecOps into a proactive, intelligence-driven program that effectively mitigates enterprise risk and enhances security across cloud, SaaS, infrastructure, and endpoint environments.This position is pivotal, positioned at the nexus of detection, incident response, threat hunting, attack surface management, and platform security. You will develop and refine a high-signal detection and response system—from telemetry pipelines to actionable alerts—ensuring all detections are aligned with real attacker behaviors and effectively mitigate risk.You will collaborate closely with leaders across Governance, Risk & Compliance (GRC), Product Security, Infrastructure, Identity and Access Management (IAM), and Engineering to operationalize risk-informed detections, enhance incident response processes, and drive quantifiable improvements in our security posture.WHAT YOU’LL DOLead and enhance Detection Engineering and CIDR functions, focusing on threat detection, response workflows, incident triage, and automation.Create and sustain a detailed detection inventory categorized by threat type, log source, MITRE mapping, and detection method.Drive continuous validation through red team, purple team, and atomic testing.

About ClickHouseRanked on the prestigious 2025 Forbes Cloud 100 list, ClickHouse stands out as a pioneering and rapidly expanding private cloud company. With over 3,000 clients and a staggering 250 percent annual recurring revenue growth, ClickHouse is at the forefront of real-time analytics, data warehousing, observability, and AI workloads.Our momentum has been further validated by a $400 million Series D funding round. Recently, notable customers such as Capital One, Lovable, Decagon, Polymarket, and Airwallex have chosen to adopt our platform or enhance their existing deployments. These organizations join a robust clientele of AI trailblazers and global brands including Meta, Cursor, Sony, and Tesla.We are on a transformative mission to reshape data utilization for companies. Join us on this exciting journey!Help us revolutionize Observability for Developers! We aim to redefine how engineers monitor, debug, and scale their production applications with HyperDX, now a part of ClickHouse. HyperDX is an open-source platform that turns telemetry data into actionable insights, creating a seamless integration of logs, metrics, traces, and session replays to accelerate root cause analysis. If you’ve ever been frustrated with platforms like Grafana, Datadog, or Elastic in the middle of the night, you’ll understand the challenge we are tackling. And now, you can contribute to the solution.We are seeking a Senior Backend Engineer to assist in developing a petabyte-scale, high-performance observability platform, with a strong emphasis on creating an exceptional developer experience (the DX in HyperDX).

As an Incident Manager in the Detection & Response team, you will play a pivotal role in safeguarding our systems and data. You will be responsible for leading incident response efforts, coordinating with various teams to ensure rapid resolution of incidents, and enhancing our incident management processes. This position requires a keen understanding of security vulnerabilities and incident management best practices.

About ClickHouseRecognized on the 2025 Forbes Cloud 100 list, ClickHouse stands as one of the most dynamic and rapidly expanding private cloud companies. We proudly serve over 3,000 customers and have experienced an impressive annual recurring revenue (ARR) growth exceeding 250% year-over-year. ClickHouse excels in the realms of real-time analytics, data warehousing, observability, and AI workloads.Our remarkable growth was further validated by a recent $400M Series D financing round. In the last quarter, high-profile companies such as Capital One, Lovable, Decagon, Polymarket, and Airwallex have either adopted our platform or expanded their existing deployments. They join a distinguished roster of AI trailblazers and global brands including Meta, Cursor, Sony, and Tesla.Join us on our mission to revolutionize how organizations leverage data! We are seeking a Senior Frontend Engineer to join our innovative team and assist in the development of a petabyte-scale, high-performance observability platform focused on delivering an exceptional developer experience (the DX in HyperDX).Join us in transforming Observability for Developers! Our goal is to redefine how engineers monitor, debug, and scale their production applications with HyperDX, an open-source platform that converts telemetry data into actionable insights. Imagine a seamless integration of logs, metrics, traces, and session replays that allows for rapid identification of root causes. If you've ever felt the frustration of not getting the answers you need from tools like Grafana, Datadog, or Elastic, then you will understand the problem we're addressing, and now you can be part of the solution.In this role, you will:What You’ll Do:Shape the product: Take ownership of and develop key features, emphasizing frontend systems that enhance debugging and monitoring for developers, while ensuring a smooth and intuitive user experience.Engage with the community: Collaborate with open-source contributors and customers, addressing their challenges and integrating their feedback into our frontend roadmap and design.Tackle technical challenges: Create and implement a fast and highly efficient user interface capable of visualizing and interacting with vast amounts of observability data. Unlock cutting-edge analysis tools that empower engineers to resolve production issues like never before.Who You Are:A passionate JavaScript developer with a strong affinity for frontend technologies.A creative problem-solver who thrives in a fast-paced, dynamic environment.