Senior Security Engineer, Detection & Response

About the Senior Security Engineer at Headspace:

At Headspace, we're pushing boundaries with cutting-edge innovations and a relentless focus on security posture and purpose-driven impact. As a Senior Security Engineer, you will be at the forefront of automating response playbooks, seamlessly integrating our security tooling, and crafting innovative detection strategies. Join us in transforming the way we approach cloud solutions while advancing your career in a dynamic and meaningful environment where your expertise truly makes a difference.

You will support our efforts to bring innovative features to life, leverage cutting-edge technologies, and ensure our platform's security for over 65 million users. A big goal needs talented leadership, so come join us and give your career a sense of purpose!

What you will do:

• Implement, manage, and maintain critical security tools and infrastructure.
• Lead and respond to security incidents.
• Design and implement automated security investigation, response, and operational workflows.
• Integrate diverse security platforms such as SIEM, SOAR, EDR for a unified defense.
• Conduct proactive threat modeling to identify risks in systems and processes.
• Develop and maintain advanced threat detection rules and analytics.
• Collaborate with partner teams to embed security best practices.
• Research emerging cybersecurity threats, vulnerabilities, and innovative defense strategies.
• Analyze security data to identify trends, measure control effectiveness, and provide reports.
• Participate in security incident response and post-incident reviews
• Contribute to the development of detection strategies and automation playbooks

What you will bring:

• 5+ years of relevant work experience.
• Bachelor’s Degree in Computer Science or Engineering or equivalent.
• Experience in developing and tuning threat detection rules and signatures.
• Understanding of incident response procedures and forensic techniques.
• Proficiency in a scripting language for automation.
• Strong understanding of threat modeling.
• Knowledge of networking, operating systems internals, and cloud (AWS, Azure, GCP) security.
• Excellent analytical, problem-solving, and verbal and written communication skills.
• Experience maintaining procedure documentation for internal and external stakeholders.

Preferred Skills:

• Experience in healthcare

Location:

We are currently hiring this role remotely in the US and Hybrid for San Francisco (SF) and Los Angeles (LA). Candidates must permanently reside in the US full-time.
For candidates with a primary residence in the greater SF and LA areas, this role will follow our hybrid model. You’ll work 3 days per week from our office, allowing for impactful in-office collaboration and connection, while enjoying the flexibility of remote work for the rest of the week. Your recruiter will share more details about our hybrid model. 

Pay & Benefits:

The anticipated new hire base salary range for this full-time position is $122,400-$195,500 + equity + benefits. 

Our salary ranges are based on the job, level, and location, and reflect the lowest to highest geographic markets where we are hiring for this role within the United States. Within this range, individual compensation is determined by a candidate’s location as well as a range of factors including but not limited to: unique relevant experience, job-related skills, and education or training. 
Your recruiter will provide more details on the specific salary range for your location during the hiring process.

At Headspace, base salary is but one component of our Total Rewards package. We’re proud of our robust package inclusive of: base salary, stock awards, comprehensive healthcare coverage, monthly wellness stipend, retirement savings match, lifetime Headspace membership, generous parental leave, and more. Additional details about our Total Rewards package will be provided during the recruitment process. 

How we feel about Diversity, Equity, Inclusion and Belonging:

Headspace is committed to bringing together humans from different backgrounds and perspectives, providing employees with a safe and welcoming work environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together. 

As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace. 

*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Headspace. Please inform our Talent team by filling out this form if you need any assistance completing any forms or to otherwise participate in the application or interview process.

Headspace participates in the E-Verify Program.

Privacy Statement

All member records are protected according to our Privacy Policy. Further, while employees of Headspace (formerly Ginger) cannot access Headspace products/services, they will be offered benefits according to the company's benefit plan. To ensure we are adhering to best practice and ethical guidelines in the field of mental health, we take care to avoid dual relationships. A dual relationship occurs when a mental health care provider has a second, significantly different relationship with their client in addition to the traditional client-therapist relationship—including, for example, a managerial relationship.  

As such, Headspace requests that individuals who have received coaching or clinical services at Headspace wait until their care with Headspace is complete before applying for a position. If someone with a Headspace account is hired for a position, please note their account will be deactivated and they will not be able to use Headspace services for the duration of their employment. 

Further, if Headspace cannot find a role that fails to resolve an ethical issue associated with a dual relationship, Headspace may need to take steps to ensure ethical obligations are being adhered to, including a delayed start date or a potential leave of absence. Such steps would be taken to protect both the former member, as well as any relevant individuals from their care team, from impairment, risk of exploitation, or harm.

For how how we will use the personal information you provide as part of the application process, please see: https://www.headspace.com/applicant-notice