Applied Methods
~The MetaSecurityDetection & Incident Response

Detection & Incident Response

Engineers in this role design and operate detection systems that identify security threats across AI infrastructure, cloud environments, and enterprise platforms, then lead investigations when incidents occur. They combine deep technical expertise in SIEM/SOAR platforms, forensics, and threat analysis with the ability to automate response workflows and mentor teams on detection improvements. These roles typically sit within dedicated Security Operations or Detection & Response teams at AI-native companies, where they bridge the gap between passive monitoring and proactive threat hunting while scaling security capabilities alongside rapid infrastructure growth.

$ titles --canonical
Security Engineer, Detection & ResponseIncident Response EngineerSOC AnalystThreat Detection EngineerDFIR AnalystSecurity Operations Engineer
Open Jobs61
Companies Hiring23
$02

Skills

What companies are looking for in this role.

$ skills --core

Investigating security incidents including indicators of compromise, malware, phishing, and unauthorized access

95%

Monitoring and triaging security alerts across multiple systems and data sources in real-time

95%

Escalating and coordinating incident response across security and infrastructure teams

90%

Conducting threat hunting missions to identify malicious activity across infrastructure

85%

Managing and supporting security tools including SIEM, EDR, and intrusion detection systems

85%

Conducting threat intelligence research on threat actors, campaigns, tactics, and procedures

85%

Designing and implementing detection rules and custom security detections

85%

Developing incident response playbooks, runbooks, and standard operating procedures

80%

Performing post-incident reviews and providing recommendations for security improvements

80%

Performing technical analysis of malware, infrastructure, and attacker tooling

80%
$ skills --emerging

Designing and developing automation workflows to reduce manual security processes

80%

Building and maintaining threat intelligence tooling and automated pipelines

70%

Building and deploying AI agents for autonomous alert triage and investigation

65%

Developing telemetry architecture and security data foundations across multiple domains

60%

Identifying and implementing AI-specific threat detection for model extraction and data poisoning

55%

Designing detection strategies for attacks targeting distributed AI infrastructure and GPU clusters

50%
$ skills --soft

Working collaboratively across multiple teams including infrastructure, product, and research

85%

Communicating technical security findings clearly to non-technical stakeholders and leadership

80%

Continuously improving processes, procedures, and detection quality through iterative refinement

75%

Taking ownership and demonstrating initiative in ambiguous problem spaces

70%

Mentoring and guiding junior security engineers and operators

65%

Managing relationships with external security vendors and managed service providers

60%
$03

Technology

The tools and technologies that define this role.

$ tech --language
Pythonhigh
Bashmoderate
SQLmoderate
$ tech --framework
n8nlow
$ tech --platform
Cloud infrastructurehigh
Active Directorymoderate
Kubernetesmoderate
Linuxmoderate
SaaS platformsmoderate
Windowsmoderate
GPU clusterslow
macOSlow
$ tech --tool
EDRvery high
SIEMvery high
SOARmoderate
Claude AIlow
$ tech --concept
REST APIhigh
MITRE ATT&CKmoderate
OSINTmoderate
Webhooksmoderate
Kerberoslow
MDRlow
$04

Open Jobs

61 open Detection & Incident Response jobs across 23 companies.

Harvey1d
Detection & Response Security Engineer
New York·Security
CoreWeave3d
Senior Security Operations Engineer I
Singapore·Security
CoreWeave3d
Senior Security Operations Engineer II
Singapore·Security
Nebius5d
Detection Engineering & Response Lead
Remote - Europe·Security
Databricks1w
Sr Security Engineer, Incident Response
Belgium; Finland; Remote - Denmark; Remote - France; Remote - Germany; Remote - Netherlands; Remote - Spain; Remote - Sweden; Remote - United Kingdom; Switzerland·Security
Artemis Security1w
SOC Manager
New York City·Security
Abnormal Security1w
Sr. Embedded Detection Analyst
Remote - USA·Security
Nscale1w
Principal Engineer, Cyber Defense
UK·Security
Block2w
Senior Security Engineer, Security Engineering & Operations
Bay Area, CA, United States of America·Security
CHAOS Industries3w
Cybersecurity SOC Analyst II
Washington, District of Columbia, United States·Security
CHAOS Industries3w
Cybersecurity SOC Analyst II
San Francisco, California, United States·Security
CHAOS Industries3w
Cybersecurity SOC Analyst II
El Segundo, California, United States·Security
Anthropic3w
Security Engineer, Detection & Response
San Francisco, CA | New York City, NY | Seattle, WA; Washington, DC·Security
Scale AI3w
Security Engineer, Detection & Response
New York, NY; San Francisco, CA; Seattle, WA; Washington, DC·Security
Nabla3w
Senior Security Engineer
Paris office·Security
Databricks4w
Sr. Staff Security Assurance Engineer
Mountain View, California; San Francisco, California·Security
Serval4w
Security Engineer, Detection and Response
San Francisco·Security
Anthropic1mo
Senior/Staff Security Engineer, Threat Intelligence
Zürich, CH·Security
Artemis Security1mo
Security Analyst
New York City·Security
Notion1mo
Security Engineer, Detection and Response
San Francisco, California·Security