Red Canary

Senior Detection Engineer (3rd shift)

Remote

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries

Senior Detection Engineer

Employment Type: Full-time

Who We Are

Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports, and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk.

What We Believe In

  • Do what’s right for the customer
  • Be kind and authentic
  • Deliver great quality
  • Be relentless

Challenges You Will Solve

The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine.

The security landscape is always shifting and introducing new adversaries. The Red Canary CIRT operates 24/7 to track down threats using the entirety of our customer’s data and deliver fast and practical detections to our customers.

This is not a role where you are encouraged to passively accept the current state. At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers. It is expected at the Senior Detection Engineer level, that you already have the skills necessary to immediately contribute to the operational and project needs of the CIRT. This is accomplished by performing analysis of malware, improving our detector footprint, implementing code that will improve our CIRT platform, and more.

What You'll Do

  • Use Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources across several detection domains (Endpoint, Identity, SIEM, Cloud/SaaS, etc.) to uncover threats and tell the story of what occurred in a customer environment.
  • Publish threats for customers using concisely-written communication while effectively conveying key and important indicators.
  • Detector Development: Research coverage opportunities then create new detectors, and tune existing ones.
  • Improve the CIRT workflow through orchestration & automation.
  • Provide mentorship to your peers and communicate effectively with others for efficient cross-team collaboration.
  • Leverage previous SOC experience to enhance the CIRT’s knowledge-base and expertise.
  • Actively engage with the CIRT team to challenge the status quo for detecting adversarial behavior.
  • Help lead projects to improve the quality of life for both the customer and the CIRT.

What You'll Bring

  • Analysis experience and proficiency in Endpoint (MDR) and one or more of the following functional areas: Cloud/SaaS, Identity, Email, SIEM.
  • Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs in a timely and efficient manner.
  • Strong written communication skills, and abilities to work in a team-centric environment.
  • Strong analytical thought-process and critical thinking skills to translate disparate activity into the realm of threat analysis.
  • Open-source intelligence research skills used in a fast-paced operational environment, and the ability to apply those findings within the analytical workflow to identify threats.
  • Experience leveraging Mitre ATT&CK framework, and familiarity with other alternative attack frameworks and threat models.
  • Familiarity with backend data structures used for security analysis (JSON, YAML, etc.).
  • Experience using query languages and understanding syntax across EDR or other security platforms.

Skills

Threat Detection
Malware Analysis
Security Automation
Incident Response
Security Engineering
Data Analysis
Threat Research

Red Canary

Managed detection and response cybersecurity services

About Red Canary

Red Canary provides Managed Detection and Response (MDR) services to help businesses protect their digital assets from cyber threats. Their services include continuous monitoring and expert analysis, which involve collecting and analyzing telemetry data to identify potential security issues in real-time. They focus on Endpoint Detection and Response (EDR) to address threats at the individual device level and conduct ongoing security operations to ensure the effectiveness of their measures. Red Canary stands out from competitors by emphasizing measurable outcomes, using behavioral analytics to detect critical threats, and offering 24/7 expert investigation to minimize false positives. Their subscription-based model allows clients to benefit from ongoing security improvements and support, with the goal of reducing risk and enhancing security for various industries.

Denver, ColoradoHeadquarters
2013Year Founded
$126.4MTotal Funding
SERIES_CCompany Stage
CybersecurityIndustries
201-500Employees

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Mental Health Support
Unlimited Paid Time Off
Parental Leave
Health Savings Account/Flexible Spending Account
Remote Work Options
Stock Options

Risks

Rise of macOS-targeted malware like 'Cthulhu Stealer' poses new threats to clients.
Sophistication of malware-as-a-service platforms requires continuous adaptation of strategies.
Rapid growth in Africa's tech ecosystem presents resource management challenges for Red Canary.

Differentiation

Red Canary offers 24/7 expert threat investigation to filter out false positives.
The company uses behavioral analytics to identify critical threats efficiently.
Red Canary's automated playbooks streamline response actions for improved security posture.

Upsides

Red Canary achieved 50% year-over-year growth in enterprise customer segment in Q3 FY25.
The release of Security Data Lake enhances MDR capabilities with cost-efficient storage.
Todd Chronert's appointment as CRO is expected to drive growth and strengthen partnerships.

Land your dream remote job 3x faster with AI