Threat Detection and Response Engineer

Remote Full-time
## Role Apply comprehensive knowledge and a thorough understanding of Incident Response concepts, principles, and technical capabilities Collaborate across Information Security and business partners to ensure effective, precise, and rapid response Act as the point of escalation from within the Incident Response team to drive all cyber incidents Identify new detection opportunities, create playbooks, and support new technology implementations to defend against evolving threats Maintain awareness and understanding of the current threat landscape. Analyze threat intelligence with the aim to mitigate potential risks Report the overall health of the SOC via metrics, OKRs, and risk indicators to leadership Provide Incident Response (IR) support when analysis suspects security incidents to help contain and eradicate threats; Perform incident triage, incident response, and forensic investigations across endpoints and cloud environments Conduct technical examinations of computer-based evidence including logs, packet captures, SIEM & IDS events, disk forensics, malware analysis, and more Document incidents from initial detection through final resolution, and present the findings Investigate, document, and report on cyber security issues Create and continuously improve standard processes, operating procedures, and incident response playbooks ## You Curious about who thrives at Whatnot? We’ve found that low ego, a growth mindset, and leaning into action and high impact goes a long way here. As our next Threat Detection and Response Engineer, you should have a minimum of 5+ years of relevant experience in security, preferably in a large enterprise environment, plus: Bachelor’s degree in Computer Science, Information Security, a related field, or equivalent work experience. 5+ years’ experience in cyber incident response, or a similar cyber field, including experience with security principles, and defense-in-depth techniques Experience and understanding of security concepts, SOAR(Tines), EDR, NDR and SIEM (Chronicle) technologies Experience with multiple Cloud Service Providers (AWS, GCP) Excellent written communication skills with the ability to document, communicate, and report security incidents, as well as the status of the implementation and effectiveness of cybersecurity controls with product and business leaders Expected to perform on-call duties Apply tot his job
Apply Now

Similar Opportunities

Infrastructure Automation Architect

Remote Full-time

Temporary, Part-Time, Remote IEP Writer

Remote Full-time

Coordinator, Advocacy-Temporary-Remote-Washington, DC, Atlanta or East Coast

Remote Full-time

Temporary Remote Medical Imaging Processing Agent (MIPS Agent)

Remote Full-time

Temporary Virtual RN (4 month contract)

Remote Full-time

Temporary IT/Technical Pool

Remote Full-time

Temporary Associate Producer, TED Radio Hour

Remote Full-time

**Temporary Remote Catastrophe (CAT) Customer Service Representative**

Remote Full-time

System Application Operator II - 3 Month Temporary Role

Remote Full-time

Temporary Finance and Gift Accounting Specialist

Remote Full-time

Sr Software Developer Engineer in Test (SDET)

Remote Full-time

**Experienced Full Stack Data Entry Specialist – Electronic Document Processing and Client Service**

Remote Full-time

Associate Director, Supply Chain Management (Remote)

Remote Full-time

Spectrum Scholars Program Virtual Event

Remote Full-time

**Experienced Remote Data Entry Clerk – High Accuracy Typing and Database Management**

Remote Full-time

Account Executive (Adtech/Martech) [32808]

Remote Full-time

Student and Faculty Support Services Librarian (Part-Time Temporary)

Remote Full-time

Remote Pipeline Operations Technician – Gulf Coast Infrastructure Monitoring, Safety Management & Permit Coordination (Work‑From‑Home)

Remote Full-time

Remote Digital Marketing Job

Remote Full-time

Intake Administrative Assistant – Amazon Store

Remote Full-time
← Back to Home