Senior Security Operations Engineer (Detection & Response)

Why you should join the Security and Trust team

Klaviyo is looking for a Senior Detection & Response Engineer to add to our growing security team. This is a hands-on technical role that involves solving complex security problems, threat detection, security orchestration and automation, incident response and developing new tools to take the Detection & Response Program to the next level. As a Senior Detection & Response Engineer you will have the opportunity to provide detection and response thought leadership, take ownership of end-to-end detection development lifecycle, and execute on core detection and response engineering efforts. 

How you will make a difference:

• Develop, test, and deploy high fidelity detections using signatures, heuristics and models
• Establish telemetry data across Klaviyo cloud environment, platforms, and technologies
• Detect and respond to cyber threats and incidents using tools such as a SIEM, IDS, EDR, Firewalls and modern cloud platforms  
• Deploy and optimize detection and response technologies (e.g., SIEM, IDS/IPS, EDR)
• Automate and codify detection and response processes and playbooks
• Conduct ad-hoc threat hunts in support of SecOps, detection, automations or tools
• Build tools, integrations and automations for SecOps and threat detection platforms
• Collaborate across functional teams (site, product, engineering, IT) to understand and protect all aspects of Klaviyo cyber footprint 

We’d love to hear from you if you have:

• 4+ years of hands-on security operations experience in the modern cloud environments
• Hands-on experience with SIEM and centralized logging (e.g., Splunk, ELK)
• Experience securing cloud environments such as AWS, GCP, and/or Azure
• Experience leveraging scripting languages to automate or build features (Bash, Python, Go and/or Ruby)
• Experience with detection-as-code and infrastructure-as-code
• Understand techniques, tools and procedures used by threat actors 
• Subject matter expert in the areas of threat detection and incident response 
• Experience with Security Orchestration, Automation, and Response (SOAR)
• Strong fundamentals of Linux and Mac operating systems