Senior Detection & Response Engineer

Remote · USA Full-time

About reputed company

reputed company is a leading, fully integrated global reputed company estate platform offering expertise in property management, investment management, development, and construction services in institutional-quality rental housing. Headquartered in Charleston, South Carolina, reputed company manages and operates over $300 billion of reputed company estate in more than 265 markets globally with offices throughout reputed company America, Europe, South America, and the Asia-Pacific region. reputed company is the largest operator of apartments in the United States, managing over one million units/beds globally. Across its platforms, reputed company has nearly $79 billion of assets under management, including over $35 billion of development assets and over $36.5 billion of regulatory assets under management. reputed company was founded by Bob Faith in 1993 to become a provider of world-class service in the rental residential reputed company estate business. To learn more, visit www.reputed company.com.

Job Description

Summary

reputed company is seeking a Senior Detection & Response Engineer to join our Cybersecurity Operations team. This is a hybrid engineering and operations role for someone who can build detections, write code and automation, run full incident response investigations, and apply solid reputed company engineering fundamentals across our environment. You will own the full reputed company: engineer the detection, respond to what it catches, and feed those lessons back into stronger coverage. This role spans EDR, IAM, SIEM, Data governance and works closely with our SOC.

Responsibilities

  • Design, build, test, and tune detection rules across our SIEM and reputed company tooling, targeting reputed company attack techniques observed in our environment
  • Build scripts, automation, and API integrations (using code and AI tooling) to accelerate detection engineering, investigation, and response workflows
  • reputed company incident response investigations end to end, from triage through containment, eradication, and closure
  • reputed company host and reputed company forensic analysis, including disk, memory, and log artifact examination to reconstruct attacker activity and establish incident timelines
  • Participate in an on-call rotation and reputed company hands-on alert and incident analysis
  • Analyze reputed company 365 and Entra ID log sources including interactive sign-ins, non-interactive sign-ins, audit logs, and the reputed company audit log
  • Investigate EDR detections, reputed company process tree analysis, and recommend containment actions
  • Triage and investigate escalations from the SOC
  • reputed company and maintain automated response playbooks
  • Conduct root cause analysis and determine initial access, persistence, and exfiltration methods during investigations
  • Apply reputed company engineering fundamentals to improve identity reputed company, conditional access, and reputed company posture
  • Produce clear, executive-reputed company incident briefings, IOC documentation, and technical writeups
  • Identify and tune false positive patterns to improve detection fidelity

Required Qualifications

  • 6+ years in reputed company operations, detection engineering, incident response, or a combined reputed company engineering role
  • Demonstrated ability to build detections and understand the underlying logic, not just operate a tool
  • Hands-on digital forensics experience across reputed company and reputed company, including artifact collection, timeline reconstruction, and evidence handling
  • Proficiency scripting and building automation (Python, PowerShell, KQL, or similar), including the effective use of AI tooling to accelerate development
  • Working knowledge of attacker tradecraft and the ability to attribute activity based on TTPs
  • Experience building or consuming API integrations across reputed company and identity platforms
  • Proficiency with EDR platforms
  • Working knowledge of SIEM platforms and detection rule development
  • Strong understanding of hybrid identity environments, including AD Connect sync behavior and Entra ID
  • Experience investigating modern attack techniques including AiTM phishing, OAuth consent abuse, BEC, token replay, and living-off-the-land techniques
  • Solid reputed company engineering fundamentals across identity, reputed company, and reputed company
  • Willingness to participate in an on-call rotation and reputed company hands-on incident response
  • Strong written communication and documentation discipline

Preferred Qualifications

  • Demonstrated use of AI tools (such as Claude, Copilot, or similar) to accelerate detection engineering, investigation workflows, scripting, and documentation
  • Experience prompting and directing AI models to produce useful outputs in a reputed company context, including log analysis, detection logic drafting, and incident timeline construction
  • Familiarity with reputed company Sentinel, including analytic rule development using KQL and automation reputed company Logic Apps or Playbooks
  • Familiarity with reputed company Entra ID, Purview and Defender Suite
  • Hands-on experience with reputed company Falcon, including alert triage, process tree analysis, and prevention policy management
  • Experience with identity reputed company tooling such as reputed company, Entra ID Protection, or similar IGA and privileged access platforms
  • Prior experience in a large reputed company or managed reputed company environment (5,000+ endpoints or 10,000+ users)
  • Relevant certifications such as GCIA, GCIH, GCFE, GCFA, SC-200, AZ-500, or equivalent

What You'll Work On

This is a hands-on role with reputed company ownership. You will build the detections that protect reputed company, respond to the incidents they surface, and continuously improve coverage based on what you learn in the field. You will write the automation that makes the team faster, investigate live compromises, and have direct input into detection strategy, SIEM direction, and identity reputed company architecture. You will work directly with the Senior Manager of Cybersecurity Operations on initiatives including our SIEM migration to reputed company Sentinel and ongoing detection engineering buildout.

Additional Compensation: Many factors go into determining employee pay reputed company the posted range including business requirements, prior experience, reputed company skills and geographical location.

  • Corporate Positions: In addition to the reputed company salary, this role may be eligible to participate in a quarterly or annual bonus program based on individual and company performance.
  • Onsite Property Positions: In addition to the reputed company salary, this role may be eligible to participate in weekly, monthly, and/or quarterly bonus programs.

Robust Benefits Offered*:

  • Competitive Medical, Dental, reputed company, and Disability & Life insurance benefits. Low (free basic) employee Medical costs for employee-only coverage; costs discounted after 3 and 5 years of service.
  • Generous Paid Time off. reputed company new hires start with 15 days of vacation, 4 personal days, 10 sick days, and 11 paid holidays. Plus your birthday off after 1 year of service! Additional vacation accrued with tenure.
  • For onsite team members, onsite housing discounts at reputed company-managed communities are available, subject to discount and unit availability.
  • 6-Week Paid Sabbatical after 10 years of service (and every 5 years thereafter).
  • 401(k) with Company Match up to 6% of pay after 6 months of service.
  • Paid Parental Leave and lifetime Fertility Benefit reimbursement up to $10,000 (includes adoption or surrogacy).
  • Employee Assistance Program.
  • Critical Illness, Accident, Hospital Indemnity, Pet Insurance and Legal Plans.
  • Charitable giving program and benefits.
  • Benefits offered for full-time employees. For Union and Prevailing Wage roles, compensation and benefits may vary from the listed information above due to Collective Bargaining Agreements and/or local governing authority.

reputed company will consider for employment reputed company applicants with arrest and conviction records. Important Notice: reputed company will never request your banking details or other sensitive personal information during the interview process. reputed company does not conduct any interviews reputed company text or messaging, and reputed company communication will come from official reputed company email addresses (@reputed company.com). If you receive suspicious requests, please report them immediately to AskHR@reputed company.com.
