AdTechTalent
Engineering · 26 days ago · Remote

Liftoff Mobile

Security Engineer, Detection & Response

security engineering, SIEM, detection engineering, incident response, security automation, AI-augmented SOC, cloud security, AWS, endpoint forensics, CI/CD, mobile adtech, security operations

Key details

Salary: Not specified

Employment type: Full-time

Seniority: Senior

Years experience: 5-10

Location: Remote, United States

Full job description

Liftoff is seeking a senior security engineer to lead and enhance its detection and response function. The role involves managing the SIEM platform (Panther), adopting AI-augmented SOC tools, triaging security alerts, leading incident response, building automation tooling, and partnering with engineering teams on security initiatives. Candidates must have 5+ years of relevant security engineering or operations experience, hands-on SIEM operation skills, coding ability for security automation, incident response leadership, strong technical writing, and excellent communication. The position is full-time, remote within the US, and includes participation in an on-call rotation. Salary ranges from $172,000 to $240,000 depending on location. Benefits include competitive salaries, equity, medical coverage, wellness stipends, and other perks.

What you'll do

  • Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline
  • Lead Liftoff's adoption of AI-augmented SOC tooling as a multi-year modernization investment
  • Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT
  • Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks
  • Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil
  • Partner with Engineering and IT to make detection and response self-service where possible
  • Close the feedback loop between offensive findings and detection coverage
  • Partner across the security team on cloud, infrastructure, and application security work
  • Participate in the Security team's on-call rotation and incident response

Requirements

  • 5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus
  • Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts
  • Write production-quality code for security automation and detection-as-code
  • Experience leading or substantially contributing to security incident response
  • Strong technical writing — design docs, runbooks, and post-incident reviews
  • Demonstrated judgment in prioritizing security work using a risk-based approach
  • Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems
  • Excellent verbal communication
  • Willing to participate in an on-call rotation

Tech stack

SIEM, Panther, AI-augmented SOC tooling, Prophet Security, Dropzone AI, security automation, detection-as-code, cloud environments, AWS, endpoint forensics, CI/CD pipelines

Benefits

Competitive salaries, Equity, Medical coverage, Wellness stipends, Additional perks based on country of residence
