
Security Software Engineer II, Detection and Response
Zigsaw
full-time
Posted on:
Location Type: Hybrid
Location: San Francisco • California • United States
Salary
💰 $123,696 - $254,667 per year
About the role
- Build alerts and automation workflows to improve capabilities to detect and respond to external and internal security threats
- Manage our logging pipelines and infrastructure and onboard new logging sources to improve our detection coverage
- Develop and maintain internal tooling to expand and automate team detection and response capabilities
- Respond to alerts generated from our tooling and run incidents as part of an on-call rotation
- Collaborate with cross-team partners
- Hunt for previously undetected threats in our environment
- Leverage AI to streamline and enhance the efficiency, accuracy, and coverage of security engineering.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity or a related field or equivalent experience
- Strong knowledge of intrusion detection and incident response with an engineering focus in a modern cloud-first environment
- Knowledge of the attacker lifecycle, common attack and detection techniques
- Hands-on experience with writing SIEM queries for alerting, response, and threat hunting
- Experience consuming threat intel and applying it to improve detection capabilities
- Familiarity with using multiple sources of telemetry for threat investigations, e.g., EDR, Osquery, firewall logs
- Understanding of networking technologies and/or network security, basic TCP/IP network fundamentals
- Depth ideally in macOS internals, or alternatively in Linux/UNIX or Windows internals, persistence mechanisms, privilege escalation techniques
- Scripting or automation experience (e.g., Python, Go, Ruby) for tool development or integration
- Demonstrated ability to use AI to improve speed and quality in your day-to-day workflow for relevant outputs.
- Strong track record of critical evaluation and verification of AI-assisted work (e.g., testing, source-checking, data validation, peer review).
- High integrity and ownership: you protect sensitive data, avoid over-reliance on AI, and remain accountable for final decisions and deliverables.
Benefits
- Equity
- Flexible work arrangements
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
intrusion detection, incident response, SIEM queries, threat hunting, network security, scripting, automation, AI integration, telemetry analysis, persistence mechanisms
Soft Skills
collaboration, critical evaluation, accountability, integrity, ownership
Certifications
Bachelor’s degree in Computer Science, Bachelor’s degree in Cybersecurity