alphasense
Country: USA
Salary: 130 000 $ – 179 000 $
Remote · Full-time

Staff Detection and Response Engineer

AI assessment

The high rating is due to the transparent salary range, the remote work format, and the opportunity to work at a fast-growing AI company. The position offers significant influence over the security architecture and work with a modern technology stack.


Vacancy from Quick Offer Global, a list of international companies

Job difficulty

AI assessment

A Staff-level role requires not only deep technical knowledge of SIEM/SOAR and cloud security, but also the ability to act as the last line of defense during critical incidents (P1/P2). More than 7 years of experience and skills in architecting monitoring systems are expected.

Salary analysis

Median: 165 000 $
Market: 145 000 $ – 210 000 $
AI assessment

The proposed range of $130k–$179k is competitive for the Staff level in the USA, although for top technology hubs (such as New York or San Francisco) the upper bound may be higher. Overall, the salary matches market expectations for growth-stage companies.

Cover letter

I am writing to express my strong interest in the Staff Detection and Response Engineer position at AlphaSense. With over 7 years of experience in security engineering and a deep focus on cloud environments, I have consistently demonstrated my ability to bridge the gap between complex threat detection and scalable automation. My background in authoring high-fidelity detection rules and managing Tier 3 incident escalations aligns perfectly with your team's mission to protect a platform trusted by the S&P 500.

In my previous roles, I have successfully implemented detection-as-code workflows and integrated diverse security stacks via SOAR platforms to reduce response times. I am particularly drawn to AlphaSense's commitment to an engineering-driven security culture and the opportunity to lead greenfield SOAR projects. I am confident that my technical expertise in AWS/GCP security and my proactive approach to threat hunting will make me a valuable asset to your DxR team.

Join AlphaSense to protect cutting-edge AI technologies and build a world-class security system!

Job description

About AlphaSense:

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.

The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!

Location: Remote within USA

About The Role

AlphaSense's DxR team is looking for a Detection & Response Engineer who thrives at the intersection of threat detection, security automation, and incident response. You'll build and tune detections in SIEM, respond to real incidents, and serve as a Tier 3 escalation resource for our 24/7 SOC. This is a hands-on role — you'll own your detections end-to-end and be the last line of defense before executive escalation.

You'll be joining a fast-paced security organization that emphasizes automation, engineering-driven approaches, and systematic problem-solving. Our team operates at the intersection of security operations, detection engineering, incident response, and infrastructure security. We value practical solutions, measurable outcomes, and continuous improvement.

Key Responsibilities:

Detection Engineering

  • Author, tune, and maintain detection rules in SIEM across cloud, identity, and endpoint log sources
  • Convert and adapt SIGMA/YARA-L rules and threat intelligence into SIEM detections
  • Continuously reduce false positives and improve detection fidelity.
  • Map detections to MITRE ATT&CK and track coverage across the kill chain

Security Automation (SOAR)

  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Handle Incident Response processes and procedures as needed

Incident Response – Tier 3 / Escalation

  • Act as the senior escalation point for complex, ambiguous, or high-severity incidents
  • Lead technical investigation for P1/P2 incidents — scoping, containment, eradication, and recovery
  • Coordinate with IT, Engineering, Legal, and CISO during major security events
  • Drive tabletop exercises and IR simulations to test and improve team readiness

Threat Hunting & Intel

  • Proactively hunt for threats across the environment using SIEM, CrowdStrike, and BigQuery
  • Consume and operationalize threat intelligence feeds into new or updated detections
  • Track emerging TTPs relevant to SaaS, fintech, and AI-adjacent threat actors

What We Are Looking For:

Required

  • 7+ years in security engineering, detection engineering, or IR / SOC (Tier 2 or above)
  • Hands-on experience with a SIEM and SOAR solution
  • Strong understanding of MITRE ATT&CK and how to apply it to detection and response
  • Strong experience investigating incidents in cloud environments (AWS, GCP, or Azure) and a solid grasp of cloud, identity, and endpoint security threats.
  • Comfortable writing detection logic, scripts, or automation (Python, YARA-L, SIGMA, or similar)
  • Experience with purple team activities, adversary emulation, or red teaming.
  • Clear written and verbal communication — you can brief a CISO and a junior analyst on the same incident.

Preferred

  • Experience implementing and migrating a SIEM solution
  • Familiarity with SOAR platforms — BlinkOps, Tines, Splunk SOAR, or similar
  • Security certifications: GCIH, GCIA, GCFE, CySA+, or equivalent
  • Experience with CI/CD practices for detection-as-code and automation-as-code.

Why Join AlphaSense Security

  • High-Impact Leadership Role: Own critical security capabilities (detection, automation, hunting) with direct organizational impact
  • Greenfield Opportunities: Architect and build a SOAR platform from the ground up and lead major SIEM migration efforts
  • Technical Depth: Solve complex problems at scale with a modern security stack
  • Scale & Complexity: Protect a critical platform serving enterprise customers with sophisticated threats
  • Autonomy & Influence: Shape security architecture decisions, tool evaluations, and team direction
  • Growing Team: Join a growing team with clear structure, specialized roles, and growth trajectory
  • Balance & Variety: Split time between strategic architecture (detection, SOAR) and hands-on execution (hunting, investigation)
  • Innovation Culture: Implement detection-as-code, automation-as-code, and data-driven security practices

For base compensation, we set standard ranges for all roles based on function and level benchmarked against similar stage growth companies and internal comparables. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including candidate experience/expertise and may vary from the amounts listed below.

You may also be offered a performance-based bonus, equity, and a generous benefits program.

Base Compensation Range

$130,000—$179,000 USD

AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.

In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.

Recruiting Scams and Fraud

We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note:

  • AlphaSense never asks candidates to pay for job applications, equipment, or training.
  • All official communications will come from an @alpha-sense.com email address.
  • If you’re unsure about a job posting or recruiter, verify it on our Careers page.

If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.

Skills

  • SIEM
  • SOAR
  • Python
  • AWS
  • Google Cloud Platform
  • Azure
  • CrowdStrike
  • BigQuery
  • YARA-L
  • Sigma
  • MITRE ATT&CK
  • Incident Response
  • Threat Hunting
  • CI/CD

Possible interview questions

Tests experience with modern methodologies and detection automation.

Tell us about your experience implementing the 'Detection-as-Code' approach. What main difficulties did you encounter in maintaining CI/CD for detection rules?

Assesses cloud incident response skills, which are critical for a SaaS company.

Describe your course of action upon detecting suspicious activity in AWS/GCP related to compromised IAM roles. How would you carry out containment?

Tests the ability to work with the MITRE ATT&CK framework to prioritize tasks.

How do you use the MITRE ATT&CK matrix to assess the coverage of current detections and set priorities for developing new rules?

Assesses automation skills and work with SOAR.

Give an example of a complex automation playbook you developed. Which tools did you integrate, and what measurable result (for example, a reduction in MTTR) was achieved?

Tests leadership qualities and communication skills in crisis situations.

How do you structure a report for the CISO after resolving a critical incident (P1)? Which metrics and conclusions do you emphasize?
