
Aircall · 3 hours ago

Senior Security Engineer, Detection & Response - Bellevue

Aircall is a unicorn AI-powered customer communications platform redefining customer communications with integrated solutions. As a Senior Security Engineer, Detection and Response, you will develop and enhance threat detection and response capabilities, lead investigations, and drive the maturity of the detection program.

Analytics, Call Center, Cloud Data Services, CRM, Enterprise Applications, SaaS, Software, Telecommunications, VoIP

H1B Sponsor Likely

Responsibilities

Lead end-to-end development of detection logic: from threat modeling and hypothesis to writing, testing, tuning, and deploying detection rules and alerts (across logs, telemetry, host, network, cloud)
Build detection pipelines, orchestration, triage logic, and automation for alert handling and response (e.g. SOAR, playbooks)
Conduct threat hunts proactively in corporate and production environments, discovering anomalies and attacker behaviors before they escalate
Lead incident response: investigate, contain, remediate, and perform root cause analysis. Drive post-incident reviews and feed lessons learned back into detection strategy
Assess and fill gaps in visibility—work with engineering teams to ensure logging, instrumentation, and context are sufficient to detect relevant threats
Evolve detection maturity: turn simple signature-based alerts into more advanced behavioral, statistical, ML-driven, and adversary-informed detections, in line with detection engineering maturity models
Author and maintain detection documentation, runbooks, alert definitions, tuning guidelines, and metrics
Collaborate cross-functionally (Engineering, Product, Fraud, Privacy and Legal) to align detection and response work with product lifecycles and system architecture
Be part of on-call rotations or threat-response rotations; escalate, coordinate, and remove blockers during high-severity events
Stay up to date on attacker techniques (MITRE ATT&CK, red team reports, threat intel) and propose new detection patterns or responses accordingly
Participate in hiring, interview evaluation of Security and Infrastructure engineering candidates, and team growth

Qualifications

Detection engineering, Incident response, Threat hunting, SIEM platforms, Adversarial tactics knowledge, Programming, Scripting, Cloud environments, Security automation, High degree of autonomy, Communication skills

Required

5+ years of hands-on experience in security operations, detection engineering, incident response, threat hunting, or similar fields (or equivalent combination)
Deep knowledge of adversarial tactics, techniques, and procedures (TTPs), threat actor behavior, kill-chain or MITRE ATT&CK framework
Proven experience building detections from scratch (versus just tuning commercial alerts)—i.e. you can turn a hypothesis or a threat intel indicator into a production-quality detection with low false positive rate
Hands-on experience with SIEM or log analytics platforms (e.g. Elasticsearch, Splunk, Datadog, AWS Athena, OpenSearch or equivalent), and alerting/monitoring tooling
Proficiency with a programming or scripting language (e.g. Python, Go, or similar, along with IaC tools such as Terraform or Ansible) to build detection pipelines, automations, triage logic, or tooling
Experience in digital forensics, host-based detection, endpoint telemetry, process/network visibility, cloud observability (logs, metrics, traces)
Comfortable working in cloud-first environments (AWS, GCP, Azure) and instrumenting detection across cloud workloads, containers, serverless, etc.
Experience responding to incidents (investigating logs, creating timelines, root cause, containment) in production environments
Familiarity with security automation / orchestration (SOAR), playbooks, response automation, and alert triage workflows
Strong communication skills; ability to translate complex detection logic, trade-offs and risk to engineers and leadership
High degree of autonomy, initiative, and ownership; ability to drive entire initiatives with minimal oversight

Preferred

Experience with data analysis, statistics, anomaly detection, or relevant ML/heuristic techniques is a strong plus
Experience evaluating detection efficacy (precision, recall, signal-to-noise, tuning over time)
Experience evolving detection maturity models (from basic rules to advanced behavioral detections)
Open source detection tooling contributions

Benefits

Medical, dental, and vision insurance is 100% covered
401k plan with company matching!
Unlimited PTO — take the time you need to come to work feeling great!
Wellness, internet, and childcare reimbursements
Generous parental leave policy

Company

Aircall is a cloud-based call center software that integrates with CRM, productivity, and helpdesk tools.

H1B Sponsorship

Aircall has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart; legend entry: job field similar to this job)
Trends of Total Sponsorships: 2025 (9), 2024 (3), 2023 (1), 2020 (4)

Funding

Current Stage
Late Stage
Total Funding
$225.55M
Key Investors
HubSpot Ventures, Goldman Sachs Asset Management, DTCP
2022-02-23 · Series Unknown
2021-06-23 · Series D · $120M
2020-05-27 · Series C · $65M

Leadership Team

Scott Chancellor, Chief Executive Officer
Pierre-Baptiste Béchu, VP of Communications Platform
Company data provided by crunchbase