Anduril Industries - Costa Mesa, CA

posted about 2 months ago

Full-time - Senior
Costa Mesa, CA
Professional, Scientific, and Technical Services

About the position

The Senior Detection and Response Engineer at Anduril Industries will lead the development and enhancement of Security Operations (SecOps) capabilities. This role involves designing and implementing advanced security architecture, focusing on threat hunting, incident response, and detection engineering to protect military systems and data.

Responsibilities

  • Develop and maintain core SecOps capabilities focusing on threat hunting, purple teaming, detection engineering, runbook automation, and more
  • Lead incident response and investigations across the SecOps function
  • Lead threat modeling scenarios with cross-functional partners to understand weaknesses across Cloud, Mobile, Endpoints, and other facets, incorporating findings into security controls and/or detection signatures
  • Develop detection signatures to capture adversarial behavior across a variety of facets including AWS, Endpoints, SaaS applications, network logs, and more
  • Lead threat hunting initiatives, collaborating with various engineering and product teams to emit signals to incorporate into detections, new telemetry ingestion, and/or security controls
  • Build and maintain large-scale data pipelines, ensuring reliability, timeliness, and accuracy of data being ingested across cloud, SaaS, enterprise, and product environments
  • Participate in an on-call rotation responding to security events and conducting incident response investigations while effectively communicating findings to key stakeholders

Requirements

  • Extensive experience operating in and around SecOps functions
  • Experience automating triage and response of detections, cases, and incidents
  • Experience developing detection signatures to detect and prevent adversarial behavior
  • Programming experience in one or more general-purpose languages (Python, SQL, Go, Rust, etc.)
  • Experience building and refining SIEM tools, large-scale data pipelines, and logging architecture
  • Experience deploying infrastructure as code (Terraform, CDK, CloudFormation, etc.)
  • Experience working in a traditional software development lifecycle (e.g., GitHub, CI/CD, unit testing)
  • Experience conducting incident response in the Cloud (AWS, Azure, GCP)
  • Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure
  • Strong knowledge of attacker tactics, techniques, and procedures (TTPs)
  • Strong communication skills and experience collaborating with internal and external stakeholders
  • Must be able to obtain and hold a U.S. Top Secret security clearance

Nice-to-haves

  • Experience proactively hunting using threat intelligence to identify potential risks and weaknesses in telemetry
  • Experience building custom security tooling to augment capabilities not found off-the-shelf
  • Experience in security monitoring, log analysis, and detection engineering within large data sets across endpoint, network, and a wide variety of application log sources

Benefits

  • Platinum Healthcare Benefits: 100% covered for employees and 90% for dependents
  • Basic Life/AD&D and long-term disability insurance 100% covered
  • Generous company holiday calendar and highly competitive PTO plans
  • 16 weeks of paid Caregiver & Wellness Leave
  • Family Planning & Parenting Support including fertility and adoption coverage
  • Free mental health resources 24/7 including therapy and life coaching
  • Professional development stipend available to all employees
  • Daily meals and provisions in many offices
  • Company-funded commuter benefits
  • Relocation assistance based on role eligibility
  • 401(k) retirement savings plan (traditional and Roth)