Job description
TL;DR
Security Engineer (Detection & Response): Strengthening detection, investigation, and containment of security incidents across SIEM, EDR, and cloud environments, with an emphasis on detection logic engineering, telemetry correlation, and reducing false positives and detection gaps. The role focuses on building and tuning detection rules, improving investigation workflows with SOC partners, and automating response using SOAR playbooks and scripts.
Location: Ljubljana, Slovenia
Company
Robinhood builds financial products and safeguards customers through its Security Operations (SecOps) function.
What you will do
- Investigate security alerts across SIEM, EDR, and cloud security platforms; analyze logs and coordinate containment/remediation with engineering partners
- Develop, test, and tune detection rules using query languages to improve signal quality and reduce false positives
- Correlate telemetry from multiple sources to identify attack patterns and determine response actions
- Monitor emerging threats and update detection logic based on investigation findings and threat intelligence
- Build or refine SOAR playbooks and scripts to improve investigation speed and consistency
- Document incidents and contribute to post-incident reviews with findings and recommended improvements
Requirements
- 2–4 years of experience in security operations, detection engineering, or incident response
- Experience analyzing logs and tuning alerts within SIEM, EDR, and cloud security tools
- Experience writing detections using query languages (e.g., SQL-like, KQL, or similar)
- Familiarity with threat hunting and investigation techniques across cloud and endpoint environments
- Clear written and verbal communication skills for incident documentation and collaboration
- English proficiency is required
Culture & Benefits
- In-person attendance expected at least 3 days per week
- On-call rotation participation required to support business needs
- Performance-driven compensation with bonus programs and multipliers
- Top-tier benefits including supplemental health insurance, ancillary insurance, and mental health support
- Flexible employer-paid benefits spending account (“Lifestyle wallet”)
- Paid time off, sick time, paid volunteer time off, parental leave, and company holidays
Hiring process
- Application review for this role accepted through June 30, 2026
- Interviews and evaluation of detection engineering and incident response experience