Security Engineer, Threat Detection & Response

Summary

Join Gemini's Threat Detection & Response (TDR) team as a Staff Security Engineer and lead complex projects, own detection infrastructure, and mentor a growing team. This hands-on role blends software engineering with security expertise, requiring collaboration with various teams to enhance security measures. You will design, implement, and maintain detection logic, lead incident investigations, build automation for scalable response, and develop internal tools. The position necessitates strong experience in threat detection and incident response, proficiency in programming languages like Python or Go, and familiarity with detection platforms and containerization technologies. This role requires in-person presence twice a week in either Seattle, WA or New York City, NY office.

Requirements

• Strong experience in threat detection, incident response, or security engineering
• Proficiency in Python, Go, or similar languages used for automation and detection logic
• Deep familiarity with detection platforms (e.g., Splunk, EDR tools) and log pipelines including developing and deploying custom detection rules and pipelines
• Hands-on experience with containerization technologies like Docker and Kubernetes
• Comfort with CI/CD systems, infrastructure as code, and distributed systems
• Clear written and verbal communication, especially under pressure

Responsibilities

• Design, implement, and own detection logic and alerting pipelines across diverse data sources
• Lead investigations of high-severity incidents and postmortem reviews
• Build and maintain automation that enables scalable response and analysis
• Mentor engineers across the team on detection engineering, response workflows, and code quality
• Develop internal tools that help us test, tune, and improve detections
• Partner with teams across Gemini to expand coverage and context in our security data

Preferred Qualifications

• Familiarity with forensics (host, memory, or network) across major operating systems
• Understanding of common attacker techniques and frameworks like MITRE ATT&CK
• Exposure to workflow engines (e.g., Argo, Airflow) and data engineering patterns
• Experience working in cloud-native environments (AWS preferred)
• History of mentoring and supporting engineers in technical growth

Benefits

• Competitive starting salary
• A discretionary annual bonus
• Long-term incentive in the form of a new hire equity grant
• Comprehensive health plans
• 401K with company matching
• Paid Parental Leave
• Flexible time off