Senior Security Engineer, Detection & Response
HeadspaceSalary not specified
Full Time
Senior (5 to 8 years)
$130,000 – $150,000Compensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, GovernmentIndustries
Requirements
- 6+ years in Security Operations, Incident Response, or Threat Detection roles
- Strong hands-on experience with SIEM platforms, EDR tools, SOAR pipelines, WAF, and cloud logging/monitoring (AWS preferred)
- Expertise in network security, Linux/Windows internals, containerized workloads, and cloud-native architectures
- Ability to lead incidents end-to-end, including analysis, forensics, containment
Responsibilities
- Develop, tune, and maintain detections across SIEM, EDR, cloud-native logs, WAF and SaaS platforms to reduce noise and improve true positive rates
- Partner with cloud/infrastructure teams to ensure comprehensive log coverage across AWS, Kubernetes, CI/CD pipelines, and core services
- Build detection-as-code and automated response playbooks to improve scalability and consistency
- Conduct proactive threat hunts based on threat intel, anomalous behavior, and TTPs used by modern threat actors
- Analyze incidents, suspicious activity, malware, and exploits to determine impact and prevent recurrence
- Lead deep dives into emerging threats, supply-chain risks, and vulnerabilities affecting the environment
- Serve as a senior escalation point during real-time incidents, leading technical triage, containment, and forensic analysis
- Develop and maintain incident response runbooks, tabletop exercises, and after-action reviews
- Partner with AppSec, IT, and Engineering to drive durable remediation and process improvements
- Administer and optimize security platforms including SIEM, EDR, SOAR, WAF, cloud security tooling (GuardDuty, CloudTrail, Config), vulnerability management, and identity security
- Build scripts, workflows, and integrations that automate repetitive tasks and strengthen OpsGenie/PagerDuty-driven response processes
- Evaluate new technologies to enhance the security operations stack and reduce time-to-detect/time-to-respond
- Support the scanning, triage, and remediation of vulnerabilities across cloud, endpoints, containers, and third-party SaaS tools
- Develop dashboards and metrics (MTTD/MTTR, coverage, SLA adherence, threat trends) for leadership reporting
- Ensure configuration baselines are enforced and monitored across the environment
- Collaborate with Engineering and IT to enable secure cloud, IAM, and network designs
- Provide Tier 3 support during escalations from the SOC analysts and ensure clarity in ownership and response actions
- Contribute to policy, standard, and procedure development to align with SOC 2, GovRAMP, and NIST requirements
Skills
SIEM
EDR
AWS
Kubernetes
CI/CD
WAF
SaaS
detection engineering
incident response
threat hunting
detection-as-code
automated response playbooks
OpenGov
Cloud-based software for government organizations
About OpenGov
OpenGov provides cloud-based software solutions tailored for the public sector, focusing on strategic budgeting, planning, permitting, licensing, and code enforcement. Their products help government organizations transition from paper-based processes to digital workflows, significantly reducing the time and resources needed for tasks like budget creation, which can be completed in half the usual time. OpenGov stands out from competitors by leveraging extensive experience in the public sector to address specific challenges faced by local governments, such as outdated systems and the need for transparency. The company's goal is to empower government leaders with better data analysis tools to enhance decision-making and improve engagement with constituents.
Redwood City, CaliforniaHeadquarters
2012Year Founded
$221.8MTotal Funding
ACQUISITIONCompany Stage
Data & Analytics, Government & Public SectorIndustries
501-1,000Employees
Benefits
Competitive Salary
Work from Anywhere
Unlimited Vacation
Mission-Driven Colleagues
World-Class Healthcare
Professional Development
Family Matters
Amazing Customers
Risks
Increased competition from other SaaS providers targeting the public sector.
Integration challenges from iGovServices acquisition may disrupt existing services.
Reliance on cloud solutions makes OpenGov vulnerable to service outages.
Differentiation
OpenGov specializes in cloud-based solutions tailored for the public sector.
The company offers strategic budgeting, permitting, and licensing software for governments.
OpenGov's software reportedly halves the time needed for budget creation.
Upsides
Growing demand for cloud solutions as governments modernize outdated systems.
Acquisition of iGovServices expands OpenGov's offerings into tax and revenue management.
Rising adoption of electronic bidding systems enhances OpenGov's procurement solutions.
Related Jobs
RemoteRemoteSenior Security Operations Analyst
Vanta$139,000 - $164,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Insider Threat Detection & Response
OpenAI$260,000 - $405,000/year
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Manager, Incident Reponse
Vultr$150,000 - $225,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Response Engineer, Detection Engineering
Chainlink LabsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteCyber Threat Analyst
ArcadiaSalary not specified
- Full Time
- Junior (1 to 2 years), Mid-level (3 to 4 years)
RemoteSr. Engineer - Sensor Security Platform (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)