Senior Detection and Response Engineer

Summary

The job is for a Senior Detection and Response Engineer at CoreWeave, a cloud provider. The role involves designing, implementing, and maintaining advanced threat detection systems to safeguard digital assets against cyber threats. The position requires strong analytical skills, a proactive mindset, and the ability to work collaboratively with cross-functional teams.

Requirements

• Ability to deliver small to medium sized projects that span several technical disciplines and teams
• Ability to take documented detections misses and leverage available people, technology, processes to deliver effective detections
• Strong Experience writing custom alert logic in any major SIEM (eg Splunk, Rapid 7, Sumo Logic, etc.)
• Intermediate understanding of Kubernetes fundamentals and the willingness and desire to grow their working knowledge of Kubernetes
• Experience collaborating as a stakeholder in Purple Team & Red Team engagements
• Practical knowledge of modern TTP frameworks. (Cyber Kill Chain, MITRE ATT&CK)
• Functional knowledge of at least 1 query language. (SQL, Splunk, HiveQL, Humio, FQL)
• Proficiency in at least 2 programming languages (Ex: Python, Bash, Go, JavaScript)
• Intermediate knowledge of Linux or macOS internals
• Intermediate knowledge of Linux or macOS event sources. (eBPF, Endpoint Security Framework)
• Hands-on experience applying the Incident Response Lifecycle

Responsibilities

• Write custom detection logic while working with the Security Operations team
• Assist in the day-to-day operations of the security operations center (SOC), including monitoring, analysis, and response to security incidents and alerts
• Monitor and report the health of all security sensors across CoreWeave’s environment and drive resolution of reported defects
• Demonstrate a keen ability to multitask while still making sound decisions in high pressure situations
• Develop and implement security monitoring and detection strategies to identify and mitigate threats in real-time
• Conduct threat hunting activities to proactively identify and address potential security risks and vulnerabilities
• Coordinate with internal and external stakeholders to investigate security incidents, conduct root cause analysis, and develop remediation plans
• Contribute to security incident response plans and procedures, ensuring timely and effective response to security incidents
• Collaborate with cross-functional teams to implement security controls, policies, and procedures to protect against emerging threats and vulnerabilities
• Stay on top of the latest security trends, threats, and technologies, and make recommendations for improving our security posture
• Participate in security assessments, audits, and compliance initiatives to ensure adherence to regulatory requirements and industry best practices

Benefits

• Medical, dental and vision insurance - 100% paid for the employee
• Company paid Life Insurance
• Voluntary supplemental life insurance
• Short and long-term disability insurance
• Flexible Spending Account
• Tuition Reimbursement
• Mental Wellness Benefits through Spring Health
• Family-Forming support provided by Carrot
• Paid Parental Leave
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our offices
• Weekly massages in NJ office
• A casual work environment
• Work culture focused on innovative disruption