Jobs · Engineering

Staff Detection and Response Engineer

Spotnana · United States · 2 wk ago
RemoteRemoteEngineering$150k–$190k/yrFull-time

Who We Are

We are Spotnana, a company dedicated to modernizing the travel industry's infrastructure to enhance traveler experiences. Our platform, the Travel-as-a-Service, aims to make every trip better for individuals booking trips, developing travel tools, or offering personalized experiences at scale. We are rethinking industry practices and bringing together talented individuals to build something lasting.

Why Join Us?

Join us as a Staff Detection & Response Engineer and contribute to our mission. You will build, tune, and maintain detection logic across a modern cloud-native security stack, investigate alerts and incidents, and help mature our detection engineering and incident response capabilities.

What You’ll Do

  • Author, test, and maintain detection logic as code across SIEM, EDR, and cloud platforms
  • Investigate security alerts, triage findings, and escalate as appropriate
  • Lead and participate in incident response as both responder and incident commander
  • Conduct threat hunts informed by emerging TTPs and threat intelligence
  • Build and improve automation to accelerate detection, triage, and response workflows
  • Contribute to runbooks, playbooks, and post-incident documentation
  • Collaborate with engineering and infrastructure teams to improve logging coverage and signal quality

Skills & Qualities We Value

  • 4+ years in a detection engineering, SOC, or incident response role
  • Hands-on detection-as-code experience — writing, testing, versioning, and deploying custom detection rules in a CI/CD or Git-based workflow
  • Strong custom detection authoring across at least one SIEM platform (ES|QL, KQL, SPL, or similar query languages)
  • Demonstrated alert investigation and triage skills — comfortable working from raw logs to root cause
  • Incident response experience in both responder and commander capacities, including coordination, containment, and post-incident review
  • Intermediate or above programming proficiency in Python or Go — able to build tooling, parse data, and automate workflows
  • Engineering background in building, deploying, or maintaining security systems (log pipelines, detection infrastructure, integration work)
  • Familiarity with the MITRE ATT&CK framework for mapping detections and threat hunts to adversary TTPs
  • Experience with at least one EDR platform (e.g., Microsoft Defender for Endpoint, CrowdStrike, SentinelOne) — writing custom queries and hunting beyond built-in alerts
  • Threat hunting experience using hypothesis-driven, intelligence-driven, or anomaly-driven approaches
  • Security log pipeline experience — building or maintaining ingestion from diverse sources (cloud APIs, webhook integrations, custom parsers)
  • Version control and CI/CD fluency — Git workflows for detection content

Perks & Benefits

  • Pre-tax and ROTH 401(k) options via Fidelity with up to a 4% company match
  • Comprehensive benefit plans covering medical, dental, vision, life, and disability effective on your hire date. We cover 100% of your employee premiums and 85% of your eligible dependents
  • Flexible PTO in addition to 10 company holidays and an end-of-year company shutdown
  • Up to 26 weeks of parental leave
  • Monthly cell phone/internet stipend
  • Extra perks — IATAN travel membership, pet insurance, financial wellness tools, Calm app access, and more

Similar jobs