Detection and Response Engineer

Atlanta, GA

Anduril Industries

Anduril Industries, Inc. is an American defense technology company that specializes in advanced autonomous systems.


Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built, and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a real-time, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.
Anduril's Information Security team is looking for a Detection and Response Engineer to focus on building world-class defensive controls to protect the infrastructure around our advanced defense technology products. This is a broadly scoped role with the latitude to design and implement cutting-edge security architecture.

WHAT YOU'LL DO

  • Participate in on-call rotation responding to and triaging security events, performing security investigations, and incident analysis while effectively communicating findings to key stakeholders
  • Participate in threat modeling scenarios with cross-functional partners to understand weaknesses across Cloud, Mobile, Endpoints, and other environments
  • Develop and optimize tailored detection signatures, response playbooks, and response automation using detection-as-code principles
  • Develop and maintain large-scale data pipelines, ensuring reliability, timeliness, and accuracy of data being ingested across cloud, SaaS, enterprise, and product environments
  • Participate in threat hunting initiatives, collaborating with various engineering and product teams to emit signals to incorporate into detections, new telemetry ingestion, and/or security controls

REQUIRED QUALIFICATIONS

  • Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure
  • Programming experience in one or more general-purpose languages (Python, SQL, Go, etc.)
  • Experience building and refining SIEM tools, large-scale data pipelines, and logging architecture
  • Experience investigating, responding to, and remediating incidents
  • Experience in security monitoring, log analysis, and detection engineering within large data sets across endpoint, network, and a wide variety of application log sources
  • Strong knowledge of attacker tactics, techniques, and procedures (TTPs)
  • Strong communication skills and experience collaborating with internal and external stakeholders
  • Must be able to obtain and hold a U.S. Top Secret security clearance

PREFERRED QUALIFICATIONS

  • Experience working in a traditional software development lifecycle (e.g. GitHub, CI/CD, unit testing)
  • Experience conducting incident response in the Cloud (AWS, Azure, GCP)
  • Proficiency in AWS security controls and services
  • Experience proactively threat hunting using threat intelligence to identify potential risks and weaknesses in telemetry
Although we list out what we generally look for, we are very likely missing other attributes and skills that you have that could make you a great fit but are not currently listed. Research has shown this especially applies to women and other marginalized groups, who tend to apply only if they check 100% of every box, versus men, who apply if they hit roughly 60%. The point we’re getting at: it doesn’t hurt to take a chance and apply!
For Full Time Employment Opportunities: The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in all offers and are considered part of Anduril’s total compensation package. Additionally, Anduril offers top-tier benefits, including comprehensive medical, dental, and vision plans, employee life and disability, mental health and family planning benefits with all premiums paid by Anduril. Anduril provides fully paid medical leave, paid company holidays, and paid time off. A professional development stipend is available to all Andurilians and all on-site meals are fully subsidized during the work week through use of our gourmet kitchens. The recruiter assigned to this role can share more information about the specific compensation and benefit details associated with this role during the hiring process.
Anduril is an equal-opportunity employer committed to creating a diverse and inclusive workplace. The Anduril team is made up of incredibly talented and unique individuals, who together are disrupting industry norms by creating new paths towards the future of defense technology. All qualified applicants will be treated with respect and receive equal consideration for employment without regard to race, color, creed, religion, sex, gender identity, sexual orientation, national origin, disability, uniform service, Veteran status, age, or any other protected characteristic per federal, state, or local law, including those with a criminal history, in a manner consistent with the requirements of applicable state and local laws, including the CA Fair Chance Initiative for Hiring Ordinance. We actively encourage members of recognized minorities, women, Veterans, and those with disabilities to apply, and we work to create a welcoming and supportive environment for all applicants throughout the interview process. If you are someone passionate about working on problems that have a real-world impact, we’d love to hear from you!
