Senior Security Engineer, Detection & Response (Eastern Preferred)

Position Overview

• Location Type: Remote
• Job Type: FullTime
• Salary: $167.2K - $209K

Docker is a remote-first company dedicated to simplifying the lives of developers building world-changing apps. They provide an integrated development pipeline and application components to accelerate workflows and empower developers worldwide. The Security Team is committed to protecting Docker and its customers, and the Detection and Response Team plays a critical role in identifying, analyzing, and mitigating threats. They are seeking a Senior Detection and Response Engineer with expertise in log pipeline generation to enhance security visibility and response capabilities.

Responsibilities

• Detection as Code & Incident Response:
  • Monitor, detect, and respond to cybersecurity threats.
  • Lead incident investigations, conduct root cause analysis, and automate threat detection and hunting.
  • Develop detection and response playbooks and participate in on-call rotations.
• Log Pipeline Development & Optimization:
  • Design, implement, and maintain log ingestion, parsing, and normalization pipelines across endpoint, network, cloud, and application logs.
  • Ensure log consistency across EDR, SIEM, SOAR, and threat detection tools.
• Automation & Infrastructure as Code (IaC):
  • Use Terraform, Kubernetes, and scripting to automate log infrastructure in cloud environments and improve security monitoring efficiency.
• Compliance & Data Retention:
  • Ensure log storage and retention meet regulatory and security requirements, supporting audit to maintain compliance.
• Cross-Team Collaboration & Security Strategy:
  • Work with Product Security, Infrastructure, DevOps, and IT on various initiatives to mature the Detection Engineering program and strengthen Docker’s overall security posture.
  • Partner with stakeholders to improve threat intelligence, detection, and incident response capabilities.

Requirements

• Background:
  • Degree in Information Security, Computer Science, Computer Engineering, Forensics, or equivalent work experience.
• Experience:
  • 4-5 years of hands-on experience in detection and response, including triage and incident response in enterprise SaaS environments.
• Log Pipeline Expertise:
  • Proven experience in building log ingestion and normalization pipelines across diverse systems.
• Technical Skills:
  • Expertise in Detection as Code, particularly using Python and SQL.
  • Subject matter expert in endpoint security and/or cloud security.
• Knowledge:
  • Strong working knowledge of Mac, Linux.

Application Instructions

• (No specific application instructions were provided in the original job description.)