Security Engineer

REMOTE: INDIA - MUST CROSS OVER TO U.S EST HOURS

FIXED FULLTIME ENGAGEMENT: STARTING AT 6 MONTHS (FULL TIME BENEFITS)

Required Skills & Experience

• 5+ years in detection engineering, threat hunting, or security operations.
• Endpoint & identity detection expertise—CrowdStrike Falcon/IDP preferred—plus strong proficiency in modern SIEMs (e.g., Splunk, Microsoft Sentinel, CrowdStrike “Next‑Gen SIEM”) and SOAR.
• Cloud security across AWS and/or Azure, including secure architecture and workload protections.
• Detection engineering & automation: rule authoring/tuning, query languages (FQL/CQL, KQL, SPL), and scripting (Python/PowerShell).
• Telemetry engineering & troubleshooting: sensor/agent health and log pipelines (e.g., Cribl or similar) to ensure reliable, high‑fidelity detections.

Nice to Have Skills & Experience

• Familiarity with MITRE ATT&CK, NIST 800‑53, and modern detection frameworks.
• Expertise in data pipeline optimization (Cribl or similar) for log normalization and enrichment.
• Strong background in endpoint and identity security (EDR/XDR, MFA, Conditional Access).
• Knowledge of DevSecOps practices: integrating SAST/DAST/SCA into CI/CD and detection‑as‑code workflows.
• Experience with SaaS security posture management and UEBA for cloud apps.
• Exposure to OT/xOT security and industrial network monitoring.
• Certifications such as CISSP, GIAC (GDSA/GMON/GCIA), OSCP, CCSK/CCSP, or vendor‑specific cloud/security certs.
• Familiarity with AI/ML security concepts and adversary emulation techniques.
• Threat intelligence integration: correlating IOCs, leveraging TI platforms, and supporting proactive detection.
• Secure API design and testing aligned with OWASP API Top 10.

Job Description

We are seeking a highly experienced Senior Detection Engineer to lead the development and optimization of advanced threat detection and response capabilities across endpoint, identity, cloud, SaaS, and OT/xOT environments. This role requires deep expertise in the CrowdStrike ecosystem (Falcon Endpoint, Next-Gen SIEM, Identity Protection (IDP), FUSION), SOAR platforms, and cloud security. You will serve as the CrowdStrike SME—owning sensor deployment, troubleshooting, automation, and query development—while partnering with SOC, Cloud, Infrastructure, and Application teams to measurably reduce risk and drive secure architecture and engineering initiatives. This employee will need to work in US hours, specifically 8AM-5PM EST.

Compensation

30LPA-38LPA

Exact compensation may vary based on several factors, including skills, experience, and education.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.