Lambda

Security Engineer – Detection and Response

full-time

Location: California • 🇺🇸 United States

Salary

💰 $296,000 - $445,000 per year

Job Level

Mid-Level, Senior

Tech Stack

AWS, Azure, Cloud, Go, Google Cloud Platform, Linux, Python, Splunk

About the role

  • Build and operate detection systems and detection engineering capabilities across Lambda's infrastructure
  • Qualify reports and lead incident response from initial triage through remediation and retrospective
  • Develop tools and workflows to automate incident response and reduce mean time to resolution
  • Drive prioritization and remediation of security findings across engineering teams in coordination with Security Technical Program Management
  • Participate in on-call rotation and 24/7 security operations to ensure rapid response to security events
  • Research and operationalize threat intelligence specific to AI infrastructure and Lambda's threat landscape
  • Proactively threat hunt for indicators of compromise and suspicious activity
  • Leverage Lambda-hosted LLMs to implement AI-powered detection, automated triage, and intelligent alert correlation
  • Support tabletop exercises and red team activities to test and improve detection coverage and response capabilities

Requirements

  • 3+ years of hands-on security engineering experience and 5+ years of total engineering experience
  • Thrive in high-speed, high-ambiguity startup environments
  • Deep technical expertise with security tooling including SIEM/SOAR platforms, EDR solutions, vulnerability scanners, and cloud security monitoring
  • Excel at solving problems in Python, Go, or similar languages, building automations that scale security impact
  • Proven ability to work effectively with cross-functional technical teams both with and without authority
  • Strong Linux systems experience in both bare metal and cloud environments, understanding infrastructure from kernel to application layer
  • Excel at translating security concerns into business risk
  • Experience building or contributing to detection engineering programs or incident response capabilities (nice to have)
  • Experience with threat intelligence platforms, threat hunting methodologies, or purple team exercises (nice to have)
  • Deep experience with specific SIEM platforms (Splunk, Elastic, Chronicle) or SOAR solutions (nice to have)
  • Experience driving or providing significant evidence for compliance audits such as SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP (nice to have)
  • Experience developing detection content shared with the security community (Sigma rules, YARA, etc.) (nice to have)
  • Experience responding to incidents in both cloud (AWS, GCP, Azure) and bare metal environments (nice to have)
  • Security certifications like GCIH, GNFA, GCIA, or similar (nice to have)
  • Experience with forensics, malware analysis, or reverse engineering (nice to have)
  • Excitement about leveraging LLMs for detection and response (nice to have)