Source Job

US

  • Perform investigations of security incidents using digital forensics and data analytics.
  • Build automation and detection models to identify anomalous activity and mitigate threats at scale.
  • Partner with engineering teams to develop advanced detection solutions and complex investigations.

Python SQL Incident Response Threat Hunting Digital Forensics

20 jobs similar to Senior Security Engineer, Threat Detection and Response

Jobs ranked by similarity.

$140,000–$175,000/yr
Global

  • Design, build, and improve automated evidence collection and SOAR playbooks to increase incident investigation speed and consistency.
  • Integrate SIEM, EDR, IAM, and other platforms to enable unified response actions and stronger analyst context.
  • Develop scripts and tooling supporting triage, containment, forensic collection, and operational response workflows.

NBCUniversal is a leading media and entertainment company that creates and distributes world-class content across film, television, and streaming, and operates global theme parks. A subsidiary of Comcast Corporation, it champions an inclusive culture and strives to attract and develop a talented workforce.

$122,500–$165,000/yr
US

  • Proactively identify and respond to emerging security threats and incidents.
  • Develop detection techniques and manage core security tooling such as SIEM and orchestration platforms.
  • Collaborate across teams to support security projects and participate in on-call rotations.

Circle is a leading internet financial platform company building infrastructure for digital assets, stablecoins, and blockchain. They have a flexible work environment with values of high integrity and multistakeholder collaboration.

$135,481–$182,160/yr
US

  • Monitor security events and provide technical analysis on alerts.
  • Lead information security incidents and employee investigations, developing response strategies.
  • Deliver security guidance and coordinate building services to support security operations.

Samsara is the pioneer of the Connected Operations Cloud, helping organizations that depend on physical operations harness IoT data to improve safety, efficiency, and sustainability. As a recently public company with a culture that encourages rapid career development, they support a flexible, employee-led remote model.

Global

  • Handle complex security incidents, leading deep investigations and driving remediation actions.
  • Participate in a 24/7 on-call rotation to ensure timely response to critical security incidents.
  • Mentor L1/L2 analysts and drive improvements in detection capabilities and incident readiness.

Eurofins is an international life sciences company providing analytical testing services to ensure products are safe and authentic. With over 65,000 staff across 950+ laboratories in 59 countries, it offers a multicultural and entrepreneurial work environment.

US 4w PTO

  • Work cross-functionally to design, build, and operate solutions that automate and improve security capabilities.
  • Lead incident response efforts, analyze security trends, and refine security documentation like policies and standards.
  • Mentor junior engineers and coach team members to drive security outcomes across the organization.

Aledade is a public benefit corporation that empowers independent primary care practices through value-based care, helping them deliver better patient outcomes while thriving financially. Founded in 2014, the company has grown to become the largest network of independent primary care in the US, fostering a collaborative, inclusive, and remote-first culture.

$103,600–$148,000/yr
US

  • Perform investigations into detected threats and leverage security products to analyze, contain, and remediate threats in customer environments.
  • Provide customers with thorough reports of actions taken to ensure clarity on environment cleanup and protection strategies.
  • Collaborate with Detection Engineering, Threat Hunting, Intel, and Product teams to develop innovative methods for timely threat remediation.

Zscaler accelerates digital transformation by providing a cloud-native Zero Trust Exchange platform that secures users, devices, and applications from cyberattacks and data loss. The company fosters a culture of execution centered on customer obsession, collaboration, ownership, and accountability, with a focus on innovation and transparency.

US Unlimited PTO 12w maternity 12w paternity

  • Monitor logs, alerts, and telemetry to detect threats across infrastructure and cloud environments.
  • Perform in-depth security analysis and investigations to assess risk and identify root causes.
  • Coordinate and execute incident response efforts including containment, mitigation, and recovery.

Binance.US is a licensed and regulated U.S. crypto platform providing secure access to over 190 cryptocurrencies. As a remote-first team, we innovate to bridge traditional finance and Web3, helping bring financial freedom within reach for all.

US 4w PTO

  • Provide tier 2 and 3 support to customers and collaborate with the threat research team to challenge the detection engine.
  • Analyze huge web traffic data sets (over 100 billion documents) to identify and block malicious traffic.
  • Create automations/scripts to detect outliers in global traffic and add new alerts to the detection platform.

DataDome delivers real-time bot and agent trust management, giving businesses complete visibility and control over all traffic. Backed by a 24/7 SOC and expert threat researchers, DataDome stops 20k+ attacks every second and is a recognized Leader on G2.

$54,400–$120,750/yr
US

  • Investigate security alerts using tools such as CrowdStrike Falcon Suite and Microsoft Sentinel to determine scope and impact.
  • Support incident response activities, including containment, remediation, and post-incident documentation.
  • Collaborate with cross-functional teams to improve detection quality, workflows, and response readiness.

Commvault is the gold standard in cyber resilience, empowering customers to uncover, take action, and rapidly recover from cyberattacks. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks and improve governance.

Europe

  • Respond to security incidents as part of a distributed 24x7 on-call schedule, triaging and containing events.
  • Conduct security investigations and forensics across data sources to determine event timelines and impact.
  • Build automations leveraging AI and agentic platforms to expedite incident response and scale team impact.

Databricks is the data and AI company, providing a unified platform for data, analytics, and AI. More than 10,000 organizations worldwide, including over 50% of the Fortune 500, rely on Databricks, which fosters a diverse and inclusive culture.

$71,640–$124,176/yr
US 4w PTO

  • Perform in-depth analysis, triage, and response to security threats following documented policies and playbooks.
  • Monitor and analyze security events using SIEM, EDR, and assess risk levels of cyber threats.
  • Escalate higher-risk events and collaborate with incident response teams to drive incident handling.

Experian is a global data and technology company that powers opportunities for people and businesses by redefining lending, preventing fraud, and creating digital solutions. With 23,300 employees across 32 countries, the company emphasizes inclusion, work-life balance, and has been recognized as a World's Best Workplace in 2024.

US

  • Develop new cyber detections for threats using SIEM and other security tooling.
  • Assess software and service requests and deploy solutions to secure infrastructure, data, and people.
  • Respond to security incidents and drive mitigation and remediation efforts.

Stack develops revolutionary AI and autonomous systems for the trucking industry to enhance safety and efficiency. The team has decades of experience deploying real world systems and is committed to building a culture of inclusion and innovation.

$80,900–$137,600/yr

  • Monitors, investigates, and responds to cybersecurity events and alerts across various security platforms.
  • Manages data loss prevention and insider risk alerts, collaborating with IT and business stakeholders.
  • Supports continuous improvement of detection capabilities through alert tuning and process optimization.

USAP is a company that safeguards organizational data and technology assets through cybersecurity operations. The size and culture are not specified, but the job emphasizes collaboration, continuous improvement, and a secure technology environment.

$120,000–$140,000/yr
US

  • Develop and execute strategic plans for proactive threat-hunting initiatives to identify and mitigate potential security threats.
  • Conduct in-depth analysis of security logs, network traffic, and endpoint data to identify anomalous behavior and indicators of compromise.
  • Collaborate with cross-functional teams, including SOC analysts and incident responders, to prioritize and investigate potential threats.

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies and Best Places to Work in DC area, they have an employee-centric culture and are committed to growing careers.

$98,000–$98,000/yr
US

  • Deploy and maintain endpoint detection and response agents across Windows, macOS, and Linux, coordinating updates and patches through change control.
  • Configure and optimize AI-assisted detection automations and prevention policies to maximize security platform coverage.
  • Manage vulnerability scanning schedules and asset tagging, partnering with teams to provide remediation data and configuration recommendations.

Dragos is a market leader in ICS/OT cybersecurity, defending industrial organizations that provide essential services. The company is remote-first with operations across North America, Europe, the Middle East, and APAC, and values authenticity, transparency, and trust.

$77,000–$82,000/yr
US

  • Monitor security alerts and assist in triaging suspicious activity using SIEM tools.
  • Collaborate with senior analysts to investigate potential threats and support incident response efforts.
  • Participate in threat hunting and vulnerability review exercises to identify and mitigate risks.

HealthEdge provides software solutions for the healthcare industry. They have a Center of Excellence structure with experienced security professionals, fostering a collaborative and growth-oriented culture.

$65–$75/hr
United States

  • Monitor, investigate, and respond to security detections across the SIEM, driving alerts to resolution.
  • Develop, tune, and maintain SIEM use cases and correlation rules to improve detection coverage.
  • Build and deliver operational reports and dashboards from available SIEM log source data.

Authentic8 provides Silo, a cloud-native platform that enables digital analysts to conduct secure, anonymous investigations across the globe. They serve over 750 of the world's most sophisticated organizations, from government agencies to commercial entities, with a culture of integrity, collaboration, and transparency.

$125,000–$205,000/yr
US Unlimited PTO

  • Build the Security Telemetry and Risk Fabric to design layered control implementations and shift from reactive monitoring to self-healing security.
  • Architect Universal Identity and Access Automation, including provisioning connectors and secret discovery to eliminate manual workflows.
  • Partner across Security, Engineering, and Product to build custom automation for compliance with various audit frameworks.

ClickHouse is a fast-growing private cloud company recognized on the 2025 Forbes Cloud 100 list, leading the market in real-time analytics, data warehousing, observability, and AI workloads with over 3,000 customers. The company has grown ARR over 250% year over year, recently raised a $400M Series D, and counts Meta, Sony, and Tesla among its customers.

$100,000–$165,000/yr
US Unlimited PTO

  • Lead security operations including vulnerability management, incident response, and SIEM platform maturity.
  • Administer Microsoft security tools (Defender, Purview, Entra) and support compliance frameworks like SOC 2 and HITRUST.
  • Drive risk reduction through security awareness, risky user remediation, and cross-functional collaboration.

Sequel develops next-generation drug-delivery advancements, starting with the twiist Automated Insulin Delivery System for diabetes management. It is headquartered in New Hampshire and fosters a culture of hard work, fun, and support.

US Unlimited PTO

  • Design and build security automation and orchestration workflows using platforms like Tines, Torq, or Cortex XSOAR.
  • Integrate security and IT systems via REST APIs, webhooks, and JSON, and write custom Python scripts for automation.
  • Decompose manual security processes into reliable automated workflows, including error handling and conditional logic.

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The company has grown to over 1,200 employees and serves more than 6,200 customers, with a culture focused on collaboration and mentorship.