9 days ago

Security Engineer (Detection & Response)

Work format
onsite
Employment type
fulltime
Grade
middle
English
b2
Country
Slovenia

Job description

TL;DR

Security Engineer (Detection & Response): Strengthening detection, investigation, and containment of security incidents across SIEM, EDR, and cloud environments, with an emphasis on detection logic engineering, telemetry correlation, and reducing false positives and detection gaps. Focus on building and tuning detection rules, improving investigation workflows with SOC partners, and automating response using SOAR playbooks and scripts.

Location: Ljubljana, Slovenia

Company

Robinhood builds financial products and safeguards customers through its Security Operations (SecOps) function.

What you will do

  • Investigate security alerts across SIEM, EDR, and cloud security platforms; analyze logs and coordinate containment/remediation with engineering partners
  • Develop, test, and tune detection rules using query languages to improve signal quality and reduce false positives
  • Correlate telemetry from multiple sources to identify attack patterns and determine response actions
  • Monitor emerging threats and update detection logic based on investigation findings and threat intelligence
  • Build or refine SOAR playbooks and scripts to improve investigation speed and consistency
  • Document incidents and contribute to post-incident reviews with findings and recommended improvements

Requirements

  • 2–4 years of experience in security operations, detection engineering, or incident response
  • Experience analyzing logs and tuning alerts within SIEM, EDR, and cloud security tools
  • Experience writing detections using query languages (e.g., SQL-like, KQL, or similar)
  • Familiarity with threat hunting and investigation techniques across cloud and endpoint environments
  • Clear written and verbal communication skills for incident documentation and collaboration
  • English proficiency is required

Culture & Benefits

  • In-person attendance expected at least 3 days per week
  • On-call rotation participation required to support business needs
  • Performance-driven compensation with bonus programs and multipliers
  • Top-tier benefits including supplemental health insurance, ancillary insurance, and mental health support
  • Flexible employer-paid benefits spending account (“Lifestyle wallet”)
  • Paid time off, sick time, paid volunteer time off, parental leave, and company holidays

Hiring process

  • Application review for this role accepted through June 30, 2026
  • Interviews and evaluation of detection engineering and incident response experience
