SandboxAQ is hiring a
Detection and Response Engineer

Summary

Join SandboxAQ, a growing fully remote technology company, and take ownership of detection and response capabilities to strengthen security posture.

Requirements

• U.S. citizenship is required due to USG contract requirements
• Experienced in developing incident response and detection strategy and playbooks end to end from initial detection, response, and through post mortem
• Experienced in identifying detections through incident response and recovery
• Have demonstrated detection engineering methodology
• Proficient SOC operator across multiple tiers
• Have strong familiarity with industry standard SIEM, EDR, detection solutions (especially Sumo Logic, Sentinel One and Tines)
• Able to use scripting languages like Python and be able to manually execute queries against SQL/Elastic/etc
• Excellent communication and cross-functional collaboration skills
• Interested in being one of the first members of an Information Security team

Responsibilities

• Audit and augment our current detection infrastructure (SIEM, EDR, AWS CloudWatch, GCP Security Control Center)
• Design and implement an alerting strategy using our SIEM product and additional tools
• Lead incident response
• Coordinate with broader Information Security team to coordinate threat response and recovery; develop and test our incident response playbooks
• Lay the groundwork for a Security Operations Center
• Manage vendors for tier 1 detection response, incident response

Preferred Qualifications

• Relevant certifications like GCIH, CISSP, SANS
• Experience working in CMMC / ISO 27001 accredited environments

Benefits

• Competitive salaries
• Stock options depending on employment type
• Generous learning opportunities
• Medical/dental/vision
• Family planning/fertility
• PTO (summer and winter breaks)
• Financial wellness resources
• 401(k) plans