Lead Threat Detection & Response Engineer

ABOUT THE TEAM

Anduril's Information Security team is looking for a Senior Detection and Response Engineer to focus on building world class defensive controls to protect the infrastructure around our advanced defense technology products. This is a role with wide berth that will have the latitude to design and implement cutting edge security architecture.

Senior Detection and Response Engineer

• Provide technical leadership, vision, and strategy for the advancement of the Detection and Response capability at Anduril
• Collaborate with product security and engineering teams to architect and implement detection and response frameworks for Anduril’s products, assets, and other custom applications
• Build and optimize tailored detection signatures, response playbooks, and response automation using detection-as-code principles
• Lead threat modeling scenarios with cross-functional partners to understand weaknesses across OT, Cloud, Network, Endpoints, and other key worlds incorporating findings into security controls and/or detection signatures
• Lead large-scale baselines of data, collaborating across many teams to emit signals to incorporate into detections, new telemetry ingestion, and/or security controls
• Contribute directly to the development and advancement of our detection-as-code, data engineering, automation, and infrastructure capabilities
• Work cross-collaboratively with different teams to mature the detection and response of threat actors in key worlds, developing data baselines, automation, and engineering capabilities to scale this capability across the business

• Programming experience in one or more general purpose languages (Python, SQL, Go, Rust, etc)
• Experience conducting data analysis in large-scale data lake environments
• Experience deploying infrastructure as code (Terraform, CDK, Cloud Formation, etc)
• Experience working in a traditional software development lifecycle (i.e. Github, CI/CD, unit testing)
• Extensive experience utilizing AWS / Azure security controls and services
• Broad range of practical security knowledge across the spectrum of endpoint, network, identity, application, and cloud infrastructure
• Strong knowledge of attacker tactics, techniques, and procedures (TTPs)
• Strong communication skills and experience collaborating with internal and external stakeholders
• Must be able to obtain and hold a U.S. Top Secret security clearance

• Experience deploying infrastructure using Kubernetes (EKS) and/or Docker containers (ECS)
• Experience proactively threat hunting using threat intelligence to identify potential risks and weaknesses in telemetry

Salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including:

At Anduril, we invest in our people. Our comprehensive, competitive benefits package (available at little to no cost to employees) ensures you’re supported in health, recovery, and whatever comes next. For more information, explore our benefits.