Senior Detection Engineer (1st shift)

Posted 25 Days Ago
Easy Apply
Be an Early Applicant
Hiring Remotely in USA
Remote
115K-135K Annually
Mid level
Cloud • Security • Software • Cybersecurity
Red Canary empowers security professionals to transform their organization’s information security.
The Role
The Senior Detection Engineer will analyze EDR telemetry and alerts, develop detectors, improve workflows through automation, provide mentorship, and collaborate effectively with the Cyber Incident Response Team to enhance threat detection and response capabilities.
Summary Generated by Built In

Who We Are

Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats.


The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on the Forbes Best Start-up Employers 2022 list. If our mission resonates with you, let’s talk.


What We Believe In

- Do what’s right for the customer

- Be kind and authentic

- Deliver great quality

- Be relentless


Challenges You Will Solve

The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine.


The security landscape is always shifting and introducing new adversaries. The Red Canary CIRT operates 24/7 to track down threats using the entirety of our customer’s data and deliver fast and practical detections to our customers.


This is not a role where you are encouraged to passively accept the current state. At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers.

What You'll Do

  • Use Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources across several detection domains (Endpoint, Identity, SIEM, Cloud/SaaS, etc.) to uncover threats and tell the story of what occurred in a customer environment.
  • Publish threats for customers using concisely-written communication while effectively conveying key and important indicators
  • Detector Development: Research coverage opportunities then create new detectors, and tune existing ones.
  • Improve the CIRT workflow through orchestration & automation
  • Provide mentorship to your peers and communicate effectively with others for efficient cross-team collaboration
  • Leverage previous SOC experience to enhance the CIRT’s knowledge-base and expertise
  • Actively engage with the CIRT team to challenge the status quo for detecting adversarial behavior
  • Help lead projects to improve the quality of life for both the customer and the CIRT

What You'll Bring

  • Analysis experience and proficiency in one or more of the following functional areas: Endpoint (MDR), Cloud/SaaS, Identity, Email, SIEM
  • Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs in a timely and efficient manner
  • Strong written communication skills, and abilities to work in a team-centric environment
  • Strong analytical thought-process and critical thinking skills to translate disparate activity into the realm of threat analysis
  • Open-source intelligence research skills used in a fast-paced operational environment, and the ability to apply those findings within the analytical workflow to identify threats
  • Experience leveraging Mitre ATT&CK framework, and familiarity with other alternative attack frameworks and threat models
  • Familiarity with backend data structures used for security analysis (JSON, YAML, etc.)
  • Experience using query languages and understanding syntax across EDR or other security platforms (SQL, K, Lucene, etc.)
  • Experience creating and tuning detectors/rules using commonly known tools such as YARA, SIGMA, Snort, Splunk, Elastic, etc.

Bonus Points

  • You enjoy impacting the Infosec community through writing blogs, participating in webinars, and presenting at conference talks
  • Experience using version control software for the deployment of detectors, rules, or other automations (GitHub, CircleCi, etc)
  • Previous Red Team experience

Targeted base salary range: $115,360 - $141,750 + bonus eligibility and equity depending on experience.


**this position will be supporting a 2am to 12pm MT shift, Wednesday - Sunday.


Benefit Highlights:

- 100% Paid Premiums:  Red Canary offers a 100% paid plan option for medical, dental and vision for you and your dependents. No waiting period.

- Health & Wellness - Access to mental health services, Employee Assistance Program and additional programs to incentivize healthy habits.

- Fertility Benefits: All new hires are eligible for benefits as of their first day.

- Flexible Time Off: Take the time you need to recharge including vacation, sick, bereavement, jury duty, and holidays. 

- Paid Parental Leave- Full base pay to bond/care for your new child.

- Pre-Tax Plans - Red Canary offers a variety of plans to fit you and your dependent specific needs including FSA, HRA and HSA, with employer funding to offset out of pocket health care expenses. 

- Flexible Work Environment- With 60% remote workforce, Canaries can work virtually from almost anywhere in the US.


The application deadline is December 6th, 2024.


Why Red Canary?

Red Canary is where people embody our mission to improve security outcomes for all. People work hard to maintain a culture that encourages authenticity in order to do your best work. Our people are driven and committed to finding the best security outcomes, delivering real and actionable answers, and being transparent along the way. 


At Red Canary, we offer a very rich benefits program to our full-time team members so they can focus on their families and improving our customers’ security. For a full list of benefits, please review our Benefits Summary:

https://resource.redcanary.com/rs/003-YRU-314/images/RedCanary_2024BenefitsSummary.pdf?version=0


Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.

Top Skills

Cloud
Edr
SaaS
SIEM

What the Team is Saying

Kenzi
Susannah
Josh
Dave
Diane
Joe
Brianne
Robbie
The Company
HQ: Denver, CO
420 Employees
Remote Workplace
Year Founded: 2014

What We Do

Red Canary is the leading security ally enabling every organization to make its greatest impact without fear of cyber-attack. The company provides outcome-focused solutions for security operations teams, who rely on Red Canary to analyze and respond to endpoint telemetry, manage alerts across the network, and provide cloud environment runtime threat detection. With Red Canary, security teams can make a measurable improvement to security operations within minutes.

Why Work With Us

Red Canary is relentless in our mission to improve information security—not just for our customers, but for the entire community. And it all starts with our people.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Red Canary Offices

Remote Workspace

Employees work remotely.

Typical time on-site: None
HQDenver, CO
Our state-of-the-art HQ is located in the brand new McGregor Square centered in Denver's historic LoDo. From inception we have been hybrid workforce.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account