AlphaSense

Staff Incident Response Engineer

full-time

Location Type: Remote

Location: United States

Salary

💰 $128,000 - $161,000 per year

About the role

  • Drive the organization's defensive security capabilities across detection engineering, security orchestration, automation, and response (SOAR)
  • Co-lead the organization's threat hunting program
  • Integrate new threat intelligence into high-fidelity detections
  • Automate incident response processes to maximize team efficiency and response speed
  • Collaborate closely with the SOC Manager to co-lead threat hunting initiatives
  • Partner with cross-functional security teams to build and scale security operations capabilities

Requirements

  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL).
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework.
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development.
  • Proven experience designing and implementing SOAR platform architecture from concept to production.
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration.
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs.
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor.
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS.
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices.
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences.

Benefits

  • You may also be offered a performance-based bonus, equity, and a generous benefits program.