×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Security Manager

Senior Security Engineer, Detection & Response - Bellevue

Job in Seattle, King County, Washington, 98127, USA
Listing for: Aircall
Full Time position
Listed on 2025-12-01
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager
Job Description & How to Apply Below

Aircall is the world’s leading integrated customer communications and intelligence platform for growing businesses. Trusted by over 20,000 companies worldwide, Aircall unifies voice and digital channels into one seamless platform, offering one-click integrations with leading CRMs and over 100 business tools. With real-time, AI-powered insights and feedback, AI agents, and automation, we help sales and support teams save time on routine tasks, uncover opportunities, and deliver exceptional customer experiences.

How We Work at Aircall: At Aircall, we believe in customer obsession, continuous learning, and delivering extraordinary outcomes. We value open collaboration, taking ownership, and making smart, informed decisions with speed and precision. If you thrive in a fast-paced, team-driven environment where curiosity, trust, and impact matter, you'll fit right in.

As a Senior Security Engineer, Detection and Response you will contribute to develop, scale, and evolve Aircall’s threat detection and response capabilities. Take ownership of building detections from scratch, leading investigations, and driving the maturity of our detection program.

Responsibilities
  • Lead end-to-end development of detection logic: from threat modeling and hypothesis to writing, testing, tuning, and deploying detection rules and alerts (across logs, telemetry, host, network, cloud).
  • Build detection pipelines, orchestration, triage logic, and automation for alert handling and response (e.g. SOAR, playbooks).
  • Conduct threat hunts proactively in corporate and production environments, discovering anomalies and attacker behaviors before they escalate.
  • Lead incident response: investigate, contain, remediate, and perform root cause analysis. Drive post-incident reviews and feed lessons learned back into detection strategy.
  • Assess and fill gaps in visibility—work with engineering teams to ensure logging, instrumentation, and context are sufficient to detect relevant threats.
  • Evolve detection maturity: turn simple signature-based alerts into more advanced behavioral, statistical, ML-driven, and adversary-informed detections, in line with detection engineering maturity models.
  • Author and maintain detection documentation, runbooks, alert definitions, tuning guidelines, and metrics.
  • Collaborate cross-functionally (Engineering, Product, Fraud, Privacy and Legal) to align detection and response work with product life cycles and system architecture.
  • Be part of on-call rotations or threat-response rotations; escalate, coordinate, and remove blockers during high-severity events.
  • Stay up to date on attacker techniques (MITRE ATT&CK, red team reports, threat intel) and propose new detection patterns or responses accordingly.
  • Participate in hiring, interview evaluation of Security and Infrastructure engineering candidates, and team growth.
Minimum Qualifications
  • 5+ years of hands-on experience in security operations, detection engineering, incident response, threat hunting, or similar fields (or equivalent combination).
  • Deep knowledge of adversarial tactics, techniques, and procedures (TTPs), threat actor behavior, kill-chain or MITRE ATT&CK framework.
  • Proven experience building detections from scratch (versus just tuning commercial alerts)—i.e. you can turn a hypothesis or a threat intel indicator into a production-quality detection with low false positive rate.
  • Hands-on experience with SIEM or log analytics platforms (e.g. Elasticsearch, Splunk, Datadog, AWS Athena, Open Search or equivalent), and alerting/monitoring tooling.
  • Proficiency with a programming or scripting language (e.g. Python, Go, or similar along with IaC - Terraform, Ansible) to build detection pipelines, automations, triage logic, or tooling.
  • Experience in digital forensics, host-based detection, endpoint telemetry, process/network visibility, cloud observability (logs, metrics, traces).
  • Comfortable working in cloud-first environments (AWS, GCP, Azure) and instrumenting detection across cloud workloads, containers, serverless, etc.
  • Experience responding to incidents (investigating logs, creating timelines, root cause, containment) in production environments.
  • Familiarity with security…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search