Detection & Response Engineer jobs in United States

Expel · 1 month ago

Detection & Response Engineer

Expel is a fast-growing cybersecurity company that focuses on managed security services. The Detection & Response Engineer will be responsible for enhancing threat detection capabilities and automating workflows to improve SOC analyst efficiency.

Cloud Security · Cyber Security · Network Security · SaaS

Growth Opportunities
No H1B

Responsibilities

Implement, maintain and iteratively improve Expel's ability to detect and investigate threats using integrated technologies with limited direction
Contribute to the growth of Expel’s detection strategy and capability through creation of detections for Expel’s proprietary rule engine
Maintain documentation in support of Expel’s detection and response content
Improve SOC analyst efficiency by automating investigative workflows using an orchestration framework written in Python
Evaluate technology APIs to design detection and response solutions to contribute to improving the value and efficiency in Expel’s Workbench platform
Contribute to and thrive in a culture of experimentation, agile, quality and continuous improvement among the team
Participate in the team’s research and monitoring of the latest threat landscape and subsequent detection and response automation development

Qualifications

Detection/Response tools · Python programming · Custom detections · Windows operating system · Linux operating system · macOS operating system · Networking basics · Cloud infrastructure · Soft skills

Required

1+ years of experience with detection and response tools, particularly EDR, NSM, and SIEM
1+ years of experience writing, deploying and tuning custom detections based on research or investigative work against common data sets (Windows Event Logs, auditd, CloudTrail, and similar datasets)
Proficiency in Python, Go or other object-oriented programming languages
Strong understanding of Windows, macOS and Linux operating systems and command line tools
Knowledge of networking basics, such as TCP/IP and OSI model
Working knowledge and observations of attack vectors, threat tactics, and attacker techniques
Understanding of cloud infrastructure platforms and their Identity and Access Management (IAM) models

Preferred

Bachelor's degree in Computer Science or Information Security strongly preferred
3+ years of professional experience in information technology or security operations would be ideal but not required

Benefits

Unlimited PTO (which we model and encourage)
Work location flexibility
Up to 24 weeks of parental leave
Really excellent health benefits

Company

Expel is a security operations provider that offers managed detection and response, remediation, phishing support, and threat hunting.

Funding

Current Stage
Late Stage
Total Funding
$288.8M
Key Investors
CapitalG · Index Ventures · Scale Venture Partners
2022-10-03 · Series E · $31M
2021-11-18 · Series E · $140.3M
2020-05-13 · Series D · $50M

Leadership Team

Dave Merkel
Co-founder and Chief Executive Officer
Justin Bajko
Co-founder and VP, Strategy & Business Development
Company data provided by crunchbase