Austin; Boston; San Francisco; Seattle; Washington DC Hybrid Full-time USD 182,000 – 202,000 / year

HackerOne is hiring a Senior Security Engineer, Detection and Response

Responsibilities

  • Design, build, and maintain detection-as-code capabilities across cloud infrastructure, SaaS applications, endpoints, and identity systems, improving coverage and signal quality through Data-Driven Decision Making
  • Build automated investigation and response workflows that replace manual runbooks, leveraging AI First principles to scale triage, enrichment, containment, and remediation
  • Develop and deploy AI/LLM-powered tooling to accelerate investigations, reduce alert fatigue, and extend team capacity beyond traditional headcount constraints, embedding AI First practices into daily workflows
  • Lead and participate in incident response, including detection, investigation, containment, and retrospectives, applying First Principles Problem Solving to identify root causes and improve long-term resilience
  • Partner cross-functionally with engineering and platform teams to expand logging, improve observability, and embed detection capabilities into the development lifecycle
  • Continuously improve detection quality by analyzing alert performance, tuning for signal, and building feedback loops between incidents and detections using Data-Driven Decision Making
  • Proactively identify gaps in visibility or coverage and translate ambiguous problem spaces into concrete detection and response solutions through First Principles Problem Solving
  • Adapt quickly to evolving threats, tools, and priorities, helping the team maintain momentum and effectiveness through Change Agility

Requirements

  • 5+ years of experience in detection and response, security engineering, or software engineering with a security focus
  • Strong software engineering fundamentals with proficiency in Python, Go, Ruby, or similar languages, and experience working in production codebases
  • Hands-on experience with cloud environments (AWS preferred), including services such as CloudTrail, GuardDuty, and VPC flow logs
  • Experience with log aggregation and analysis platforms (e.g., Datadog, Splunk, ELK) and endpoint detection tools (e.g., SentinelOne, CrowdStrike)

Nice to Have

  • Experience building AI/LLM-powered security tooling or applying AI to detection, triage, or investigation workflows
  • Experience with detection-as-code frameworks or building custom detection pipelines
  • Familiarity with containerized environments (Docker, Kubernetes, ECS/EKS)
  • Experience with threat intelligence, threat hunting, forensics, or attacker tradecraft frameworks such as MITRE ATT&CK

Benefits

  • Health (medical, vision, dental), life, and disability insurance
  • Equity stock options
  • Retirement plans
  • Paid public holidays and unlimited PTO
  • Paid maternity and parental leave
  • Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
  • Employee Assistance Program

Additional Information

  • Employment at HackerOne is contingent on a background check
  • Visa/work permit sponsorship is not available
  • For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position
Required Skills
PythonGolangRuby
About company
HackerOne
HackerOne is a global leader in offensive security solutions. The HackerOne Platform combines AI with the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security.
All jobs at HackerOne Visit website
Job Details
Department Office of the CISO
Category security
Posted 2 months ago