Senior Security Engineer, Detection & Response

Docker, Inc

πŸ“Remote - Canada

Summary

Join Docker's Security Team as a Senior Detection and Response Engineer and play a critical role in enhancing security visibility and threat detection across Docker's infrastructure. You will lead threat detection, investigation, and automation efforts, working closely with various teams. Responsibilities include developing and optimizing log pipelines, automating infrastructure, ensuring compliance, and collaborating on security initiatives. The ideal candidate possesses extensive experience in detection and response, log pipeline development, and expertise in Detection as Code using Python and SQL. This role offers a remote-first work environment and various benefits.

Requirements

  • Background in Information Security, Computer Science, Computer Engineering, Forensics, or equivalent work experience
  • 4-5 years of hands-on experience in detection and response, including triage and incident response in enterprise SaaS environments
  • Proven experience in building log ingestion and normalization pipelines across diverse systems
  • Expertise in Detection as Code, particularly using Python and SQL
  • Subject matter expert in endpoint security and/or cloud security
  • Strong working knowledge of Mac, Linux, and Windows operating systems
  • Hands-on experience with major cloud infrastructures, including AWS, Azure, and GCP
  • Demonstrated experience working across multiple teams in collaborative security roles

Responsibilities

  • Monitor, detect, and respond to cybersecurity threats
  • Lead incident investigations
  • Conduct root cause analysis
  • Automate threat detection and hunting
  • Develop detection and response playbooks
  • Participate in on-call rotations
  • Design, implement, and maintain log ingestion, parsing, and normalization pipelines across endpoint, network, cloud, and application logs
  • Ensure log consistency across EDR, SIEM, SOAR, and threat detection tools
  • Use Terraform, Kubernetes, and scripting to automate log infrastructure in cloud environments and improve security monitoring efficiency
  • Ensure log storage and retention meet regulatory and security requirements
  • Support audits to maintain compliance
  • Work with Product Security, Infrastructure, DevOps, and IT on various initiatives to mature the Detection Engineering program and strengthen Docker's overall security posture
  • Partner with stakeholders to improve threat intelligence, detection, and incident response capabilities

Preferred Qualifications

  • Experience with Kubernetes

Benefits

  • Freedom & flexibility; fit your work around your life
  • Designated quarterly Whaleness Days
  • Home office setup; we want you comfortable while you work
  • 16 weeks of paid Parental leave
  • Technology stipend equivalent to $100 net/month
  • PTO plan that encourages you to take time to do the things you enjoy
  • Quarterly, company-wide hackathons
  • Training stipend for conferences, courses and classes
  • Equity; we are a growing start-up and want all employees to have a share in the success of the company
  • Docker Swag
  • Medical benefits, retirement and holidays vary by country
