
Security Engineer – Detection & Response
Posted Jun 20

This is a fully remote position, open to applicants in California, +15 more states.
• Manage the daily operations of Liftoff's SIEM (Panther), including log source ingestion, detection content, and the alert investigation pipeline.
• Spearhead Liftoff's integration of AI-enhanced SOC tools (such as Prophet, Dropzone, or similar) as part of a long-term modernization strategy.
• Assess incoming security alerts and lead timely investigations and resolutions in collaboration with stakeholders in Engineering and IT.
• Oversee incident response activities — including investigation, containment, and post-incident evaluations — and refine processes and runbooks to ensure responses are consistent and repeatable.
• Develop tools and automation that identify active threats, enhance alerts, and minimize manual investigative efforts.
• Collaborate with Engineering and IT to facilitate self-service detection and response where feasible — establishing clear log onboarding procedures, documented detection proposals, and accessible runbooks — allowing security to scale without causing delays.
• Ensure a feedback loop exists between the team's proactive findings and detection coverage.
• Work alongside the security team on cloud, infrastructure, and application security initiatives while maintaining a focus on detection and response — every engineer on this team has a broad scope beyond their primary focus.
• Engage in the Security team's on-call rotation and incident response efforts.

• Over 5 years of experience in security engineering, security operations, detection engineering, or software engineering with a security emphasis.
• Practical experience with production SIEM operations — including onboarding log sources, creating and maintaining detection content, and triaging alerts.
• Ability to write production-quality code for security automation and detection-as-code initiatives.
• Proven experience in leading or significantly contributing to security incident response efforts.
• Strong technical writing skills — including design documents, runbooks, and post-incident assessments.
• Proven ability to prioritize security tasks using a risk-based approach.
• Capability to quickly navigate large, unfamiliar codebases and understand complex engineering systems.
• Excellent verbal communication skills.
• Willingness to participate in an on-call rotation.

• Medical coverage
• Wellness stipends
• Additional perks based on your country of residence