Senior Security Engineer - Detection Engineering

Summary

Join Fastly's Detection Engineering team as a Senior Security Engineer to develop detections for malicious activity and support security incident investigations across the Fastly environment. You will mature our detection lifecycle, develop advanced detections, build automations, and support security investigations. This role requires experience in security engineering, security incident response, and detection development. You will utilize Splunk, various security tools, and programming languages to identify and investigate threats. The position involves on-call rotations and may require travel. Fastly offers a hybrid work model with office locations in New York, San Francisco, and Denver, with remote options available in the US.

Requirements

• Experience in using and maintaining Splunk for investigating threats, developing detections, normalizing data feeds, and integrating with other tools
• Familiarity of attacker tactics, techniques, and procedures (TTPs) and investigating advanced threats
• Proficiency in one or more general purpose programming languages such as Python, Ruby, Go, or Rust
• Experience with at least one major public cloud infrastructure, such as Amazon Web Services (AWS) or Google Cloud Platform (GCP)
• Familiarity with modern security frameworks and best practices, such as the MITRE ATT&CK framework and NIST CSF
• Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation

Responsibilities

• Develop detections and other analytics to identify threats across cloud, corporate, and edge environments
• Investigate potential security threats and support security incidents
• Research, evaluate, implement, and maintain a variety of custom and commercial security tools, such as EDR, SOAR, and SIEM
• Build custom tooling and automations to improve the detection lifecycle and security incident response
• Develop and maintain incident response playbooks and other detection and response documentation
• Conduct threat hunts to discover unknown malicious activity across our environment
• Participate in our on-call rotations

Preferred Qualifications

• Published security research or have spoken at community events on threat detection or incident response
• Developed automations or tooling to improve security operations
• Have experience developing or deploying a detection CI/CD pipeline, including developing testing criteria and continuous validation (e.g., Splunk Attack Range or Atomic Red Team)
• Familiarity with content delivery networks (CDN), edge cloud platforms, or Fastly products and services

Benefits

• We offer a comprehensive benefits package including medical, dental, and vision insurance
• Family planning, mental health support along with Employee Assistance Program, Insurance (Life, Disability, and Accident), a Flexible Vacation policy and up to 18 days of accrued paid sick leave are there to help support our employees
• We also offer 401(k) (including company match) and an Employee Stock Purchase Program
• For 2025, we offer 11 paid local holidays, 11 paid company wellness days