Senior Web Developer developing and maintaining WordPress websites for SiteMinder's hotel commerce platform. Collaborating with marketing teams to support global campaigns and ensuring code quality.
About the role
- Senior Security Engineer developing, scaling, and evolving threat detection and response capabilities for Aircall. Leading investigations and driving the maturity of detection programs.
Responsibilities
- Lead end-to-end development of detection logic: from threat modeling and hypothesis to writing, testing, tuning, and deploying detection rules and alerts (across logs, telemetry, host, network, cloud).
- Build detection pipelines, orchestration, triage logic, and automation for alert handling and response (e.g. SOAR, playbooks).
- Conduct threat hunts proactively in corporate and production environments, discovering anomalies and attacker behaviors before they escalate.
- Lead incident response: investigate, contain, remediate, and perform root cause analysis. Drive post-incident reviews and feed lessons learned back into detection strategy.
- Assess and fill gaps in visibility—work with engineering teams to ensure logging, instrumentation, and context are sufficient to detect relevant threats.
- Evolve detection maturity: turn simple signature-based alerts into more advanced behavioral, statistical, ML-driven, and adversary-informed detections, in line with detection engineering maturity models.
- Author and maintain detection documentation, runbooks, alert definitions, tuning guidelines, and metrics.
- Collaborate cross-functionally (Engineering, Product, Fraud, Privacy and Legal) to align detection and response work with product lifecycles and system architecture.
- Be part of on-call rotations or threat-response rotations; escalate, coordinate, and remove blockers during high-severity events.
- Stay up to date on attacker techniques (MITRE ATT&CK, red team reports, threat intel) and propose new detection patterns or responses accordingly.
- Participate in hiring, interview evaluation of Security and Infrastructure engineering candidates, and team growth.
Requirements
- 5+ years of hands-on experience in security operations, detection engineering, incident response, threat hunting, or similar fields (or equivalent combination).
- Deep knowledge of adversarial tactics, techniques, and procedures (TTPs), threat actor behavior, kill-chain or MITRE ATT&CK framework.
- Proven experience building detections from scratch (versus just tuning commercial alerts)—i.e. you can turn a hypothesis or a threat intel indicator into a production-quality detection with low false positive rate.
- Hands-on experience with SIEM or log analytics platforms (e.g. Elasticsearch, Splunk, Datadog, AWS Athena, OpenSearch or equivalent), and alerting/monitoring tooling.
- Proficiency with a programming or scripting language (e.g. Python, Go, or similar along with IaC - Terraform, Ansible) to build detection pipelines, automations, triage logic, or tooling
- Experience in digital forensics, host-based detection, endpoint telemetry, process/network visibility, cloud observability (logs, metrics, traces).
- Comfortable working in cloud-first environments (AWS, GCP, Azure) and instrumenting detection across cloud workloads, containers, serverless, etc.
- Experience responding to incidents (investigating logs, creating timelines, root cause, containment) in production environments.
- Familiarity with security automation / orchestration (SOAR), playbooks, response automation, and alert triage workflows.
- Strong communication skills; ability to translate complex detection logic, trade-offs and risk to engineers and leadership.
- High degree of autonomy, initiative, and ownership; ability to drive entire initiatives with minimal oversight.
Benefits
- Medical, dental, and vision insurance is 100% covered
- 401k plan with company matching!
- Unlimited PTO — take the time you need to come to work feeling great!
- Wellness, internet, and childcare reimbursements
- Generous parental leave policy
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
ReactNative Developer working on web and app development for one of Germany's largest news brands. Collaborating with a cross - functional team of developers, QA, and product managers.
Senior Developer managing customer projects using React and Next.js at byte5. Involved in all project phases with a focus on strong web solutions and agile work.
Linux Frontend Administrator supporting and managing Linux workstations, enhancing client standards, and automating management tasks. Join established IT company in Kaiserslautern with a strong team spirit.
Join Homebase as a Frontend Software Engineer. Build scalable applications enhancing the developer experience for small business teams.
Frontend Software Engineer assisting Homebase to build AI - powered interfaces that transform small business operations. Collaborating with cross - functional teams to deliver seamless user experiences in a hybrid work setting.
Embedded Linux Engineer developing embedded software for HPE’s BMC platform. Collaborating with a worldwide team on Linux kernel and userspace development.
Front - End Software Engineer developing user interfaces for CtrlChain's logistics platform. Collaborating with teams to create efficient and user - friendly web applications.
Full Stack Developer responsible for developing applications using C# and ASP.Net Core Blazor. Collaborating in interdisciplinary Scrum teams and contributing to new and ongoing projects.
IT Security Analyst supporting Security Operation Center in an international high - tech company. Focused on protecting data and addressing complex security issues.