Source Job

ANZ

  • Lead detection engineering initiatives end-to-end, from threat research and design documentation through implementation, testing, and production deployment.
  • Partner with Application Security, CTI, and Red Team to conduct threat modelling, translate threat intelligence into actionable detections, and validate detection effectiveness through threat simulation scenarios.
  • Create automation and enrichment pipelines that reduce manual context-switching and cognitive load for analysts, improving mean-time-to-detect, analyse, and respond to security events.

Security Engineering Threat Hunting Python Go

14 jobs similar to Senior Threat Detection Engineer - Tooling and Automation

Jobs ranked by similarity.

$156,000–$210,000/yr
US Canada

  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments.
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning.
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness.

1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Extended Access Management, a new cybersecurity category built for the way people and AI agents work today. Over 180,000 businesses trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work.

$119,000–$127,000/yr
US

  • Using Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources.
  • Researching coverage opportunities, then creating new detectors and tuning existing ones.
  • Improving the Detection Engineering workflow through orchestration & automation.

Zscaler accelerates digital transformation, protecting customers from cyberattacks and data loss. They value transparency and constructive debate, building high-performing teams focused on customer obsession, collaboration, ownership, and accountability.

Australia New Zealand

  • Analyse incoming threat signals to produce actionable intelligence products.
  • Maintain intelligence infrastructure and automation workflows.
  • Conduct independent research on emerging threats and maintain a library of adversaries.

Canva is a design platform that enables users to create a variety of visual content. They have offices in Sydney and Melbourne, as well as co-working spaces in other Australian cities, and they value a flexible work environment.

$119,000–$127,000/yr
US

  • Using Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources.
  • Researching coverage opportunities, then creating new detectors and tuning existing ones.
  • Improving the Detection Engineering workflow through orchestration & automation.

Zscaler, founded in 2007, aims to make the cloud a safe place for business. They operate the world’s largest security cloud, using AI to protect enterprises from cyberattacks and data loss, fostering an inclusive and supportive culture.

$156,000–$210,000/yr

  • Research, track, and assess the threat landscape by analyzing relevant threat actors and campaigns.
  • Analyze and prioritize information to develop actionable intelligence for detection coverage and response readiness.
  • Partner with Detection Engineering to design and validate threat-based detections through adversary emulation and simulation.

1Password is building the foundation for a safe, productive digital future. They provide password management and access management solutions for businesses. They have surpassed $400M in ARR and have over 180,000 businesses as clients and have a culture that prioritizes collaboration and clear communication.

$162,000–$253,000/yr
US

  • Define security detection program strategy and roadmap.
  • Oversee development, testing, and maintenance of detection logic.
  • Lead and mentor a high-performing team of security operators.

Cribl helps solve IT and Security's data needs. They foster a collaborative, curious, and motivated team environment where employees are passionate about putting customers first and believe in empowering our employees to do their best work, wherever they are.

$300,000–$405,000/yr
US

  • Build automated detection systems that use disparate signals to identify abusive behavior.
  • Take systems from idea to proof-of-concept to production-grade with appropriate monitoring, documentation, and maintenance processes.
  • Develop and maintain YARA rule infrastructure, including tools for writing, validating, and testing rules against real data.

Anthropic's mission is to create reliable, interpretable, and steerable AI systems to be safe and beneficial for users and society. Their team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

$170,000–$190,000/yr
US Unlimited PTO 13w maternity 9w paternity

  • Engineer and deploy clever controls so security incidents stay rare.
  • Lead incident response efforts and security tool deployments.
  • Embrace AI and automation to protect the enterprise at machine speed.

Chainguard provides a secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains. They value customer obsession, prioritize intentional action, and trust each other.

$101,500–$120,000/yr
US

  • Identifying, scoping, and managing ongoing customer incidents, developing remediation plans, and augmenting the customer’s security gaps with the necessary skills and resources to improve their security maturity.
  • Tailoring communication to the customer’s level of expertise, providing education and information to help them understand the bigger picture and make educated decisions.
  • Partnering with the Detection Engineering, Intelligence, and Research teams to further investigate identified or emerging threats relevant to our customers.

Zscaler accelerates digital transformation so our customers can be more agile, efficient, resilient, and secure. Our cloud native Zero Trust Exchange platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

US

  • Develop, deploy, and optimize bot-mitigation and service-abuse controls.
  • Develop and maintain automated detection capabilities leveraging IP/ASN intelligence.
  • Lead bot-related incident response activities, including triage, containment, and root-cause analysis.

Best Egg is a market-leading, tech-enabled financial platform helping people build financial confidence through a variety of installment lending solutions and financial health tools. They offer top-tier benefits and growth opportunities in a culture built on their core values and foster an inclusive, flexible, and fun workplace.

Europe

  • Lead the design, development, and implementation of incident response playbooks.
  • Be part of a weekly on-call rotation and support in detection engineering.
  • Identify areas for security improvement and translate that into workable solutions.

Ping Identity's cloud identity platform enables secure and seamless digital experiences. They are headquartered in Denver, Colorado, with offices and employees around the globe, serving large enterprises.

US

  • Lead incident response efforts for high-severity and complex security events.
  • Perform advanced threat analysis, including APT detection and analysis of threat actor tactics.
  • Lead continuous improvement initiatives for SOC processes, workflow automation, and detection coverage.

Brightspeed is providing fast, reliable internet connections and customer experience in twenty states throughout the Midwest and South. They are backed by funds managed by Apollo Global Management and are upgrading copper to fiber optic technologies.

$115,600–$160,000/yr
US

  • Own the configuration, tuning, and management of our SIEM solution.
  • Perform architecture reviews, code reviews, and infrastructure configuration reviews.
  • Maintain and optimize a vulnerability management CI/CD pipeline within our container/application delivery infrastructure.

Engine is transforming business travel into something personalized, rewarding, and simple. More than 20,000 companies already rely on Engine to support over 1 million travelers and billions in annual bookings each year.

US 12w maternity

  • Manage multiple sub-teams and serve as a trusted advisor.
  • Align the Detection Engineering & Threat Hunting function with the broader company strategy.
  • Determine the structural, technological, and budgetary requirements needed to maintain superior detection efficacy.

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products. They protect 4M+ endpoints and 7M+ identities worldwide, elevating under-resourced IT teams with protection that works as hard as they do.