← Back to job listings
A
Senior Detection Engineer
ActiveCampaign · United States
About The Role
On a typical day, you might
- Design and deploy sophisticated detection logic across our entire technology stack using detection-as-code principles like YARA-L, Sigma, and KQL.
- Build automated response workflows that independently enrich, triage, and remediate security alerts, effectively eliminating manual toil through advanced SOAR principles.
- Investigate complex security signals —such as novel attack patterns or phishing campaigns—that require deep human judgment and strategic intuition.
- Collaborate cross-functionally with DevOps and Security Engineering teams to adapt detection logic to infrastructure changes before security blind spots can emerge.
- Leverage AI and LLMs as force multipliers to accelerate threat hunting, generate new detection hypotheses, and automate repetitive investigative tasks.
- Lead post-incident reviews with engineering partners, transforming security findings into preventative architectural changes that harden our long-term defense.
- Prototype and test emerging detection capabilities and data sources, ensuring we stay ahead of the threat landscape while participating in an on-call rotation to defend our most critical systems.
What is needed
- 5+ years of hands-on experience in detection engineering, incident response, or security operations within high-growth technology environments.
- Advanced programming proficiency in Python , with a proven ability to build production-quality security automations and custom integrations from scratch.
- Deep expertise in Cloud Security (AWS) , including a comprehensive understanding of IAM, VPC, CloudTrail, and Lambda attack vectors.
- Mastery of detection logic in at least two major languages, such as YARA-L, Sigma, KQL, or SPL.
- A track record of building SOAR workflows or equivalent automation platforms that measurably reduce operational overhead at scale.
- Exceptional communication skills , with the ability to distill complex security risks into actionable insights and influence technical decisions across the organization.
- Experience using AI/LLMs as a strategic tool for threat analysis, investigation automation, and increasing the velocity of security work.
- A self-directed, engineering-first mindset , ideally with a background in SRE, DevOps, or platform engineering and a history of contributing to open-source security projects.
This listing was posted by a verified recruiter at ActiveCampaign. Report this listing
JobSpring