Detection & Response, Security Engineer

WorkosWorkos·Remote(United States)
Software Development

WFA Digital Insight

The demand for skilled security professionals has never been higher, with a reported 25% increase in security breaches in the past year alone. As companies increasingly shift to remote work, the need for experts in detection and response has grown exponentially. WorkOS, a leading provider of modern developer tools and APIs, is at the forefront of this challenge. With their recent

00M Series C funding, they're poised to revolutionize the industry. This role is a unique opportunity for a skilled security engineer to join a fast-growing team and take their detection and response capabilities to the next level. Before applying, candidates should be aware that this is a highly technical role requiring strong expertise in security engineering and threat detection, as well as excellent problem-solving skills.

Job Description

About the Role

The Detection & Response Security Engineer role at WorkOS is a critical position that requires a unique blend of technical expertise and problem-solving skills. As a key member of the security team, you will be responsible for designing, building, and continuously improving threat detections across WorkOS infrastructure, corporate systems, and the WorkOS product itself. Your primary goal will be to identify and respond to security incidents in a timely and effective manner, ensuring the protection of customer data and preventing potential breaches.

The security team at WorkOS is a highly collaborative group with a strong engineering mindset. They are responsible for keeping the data and identities of hundreds of millions of customers secure, and their security program is shaped by hands-on experience attacking and defending systems. The team is committed to embracing the latest advancements in practices and tooling, making them one of the most effective security teams in the industry.

As a Detection & Response Security Engineer, you will have the opportunity to work on a wide range of projects, from building custom detections to investigating incidents and developing playbooks for repeatable response. You will also have the chance to collaborate with the MDR provider to validate detections, tune rules, and coordinate on incidents.

What You Will Do

  • Design and implement detection logic across SIEM, EDR, cloud security tools, and identity systems
  • Build and maintain alerting pipelines to ensure timely incident response
  • Investigate incidents in depth, using data analytics, log analysis, and system forensics
  • Develop playbooks and runbooks for repeatable response
  • Extend detection into the product, instrumenting additional application-level telemetry
  • Build tooling and automation, developing scripts, integrations, and SOAR workflows
  • Improve visibility and logging, ensuring the right logs are collected, normalized, and available
  • Partner with the MDR provider to validate detections, tune rules, and coordinate on incidents
  • Drive threat hunting and security operations maturity
  • Collaborate with engineering and infrastructure teams to ensure the right logs are collected and available

What We Are Looking For

  • 5+ years of experience in security engineering, threat detection, or a related field
  • Strong expertise in designing and implementing detection logic across multiple systems
  • Experience with SIEM, EDR, cloud security tools, and identity systems
  • Excellent problem-solving skills, with the ability to analyze complex incidents and develop effective solutions
  • Strong programming skills, with experience in languages such as Python or Java
  • Experience with automation and tooling, including scripting and integration development
  • Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams
  • Strong understanding of security principles, including threat modeling and risk assessment
  • Experience with cloud security, including AWS or Azure

Nice to Have

  • Experience with machine learning or artificial intelligence
  • Knowledge of threat intelligence and threat hunting
  • Experience with security orchestration, automation, and response (SOAR)
  • Familiarity with agile development methodologies
  • Experience with cloud-based security tools and platforms

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a fast-growing and innovative company
  • Collaborative and dynamic work environment
  • Flexible working hours and remote work options
  • Professional development opportunities, including training and conference attendance
  • Access to cutting-edge security tools and technologies
  • Recognition and reward for outstanding performance
  • Comprehensive health insurance package
  • Generous paid time off and vacation policy
  • Remote stipend and home office setup support

How to Stand Out

  • Be prepared to provide specific examples of your experience with detection and response, including any relevant certifications or training.
  • Make sure to highlight your technical skills, including programming languages and security tools.
  • Show a willingness to learn and adapt, as the security landscape is constantly evolving.
  • Be prepared to discuss your approach to threat hunting and security operations maturity.
  • Consider creating a portfolio or repository of your work, including any relevant projects or code samples.
  • Research the company and their products, and be prepared to ask informed questions during the interview process.
  • Don't be afraid to ask about the company culture and values, and how they support the well-being and growth of their employees.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.