Senior Threat Detection and Response Engineer - 🔵 Blue Team jobs in United States

Raya · 1 day ago

Senior Threat Detection and Response Engineer - 🔵 Blue Team

Raya is a technology company that operates an exclusive, membership-based social network, emphasizing connections within creative industries. They are seeking a Senior Threat Detection and Response Engineer to lead internal threat detection and incident response capabilities, ensuring maximum effectiveness for threat identification and containment.

Communities, Mobile Apps, Social Network
H1B Sponsor Likely

Responsibilities

Act as the primary internal operations owner and subject matter expert for key security platforms, including Endpoint Detection and Response (EDR), Cloud Detection and Response (CDR), Cloud-Native Application Protection Platform (CNAPP), Security Information and Event Management (SIEM), and Network Detection and Response (NDR). Triage findings from tools like Shodan, Horizon3.ai, and ZeroFox
Continuously monitor, tune, and optimize security tool configurations to ensure maximum detection efficacy and minimize false positives, focusing on the strategic direction of the platforms
Proactively monitor and implement solutions to detect sensor and logging signal loss across all security platforms to ensure complete visibility
Collaborate with internal and vSOC teams to develop, test, and implement new detection use cases and correlated alerts within the SIEM and other platforms
Partner closely with the Infrastructure Security Engineer role regarding the foundational engineering, deployment, and infrastructure health of these security platforms
Regularly execute threat hunting exercises based on current threat intelligence, internal knowledge, and platform capabilities to identify stealthy, pre-execution, or undetected threats across the environment
Immediately triage, prioritize, and drive remediation for critical security vulnerabilities and security findings (e.g., from CNAPP or vulnerability scanners) that warrant treatment as a high-severity security incident
Serve as the internal escalation point for critical alerts from the vSOC. Perform rapid triage, scoping, and initial handling/containment for security incidents
Handle end-to-end incident response and digital forensics for small-scale, routine incidents (e.g., minor malware infections, policy violations)
Act as the technical lead and liaison for larger, complex security incidents, coordinating activities and providing necessary data and context to retained external incident response firms
Develop, refine, and maintain internal runbooks, playbooks, and Standard Operating Procedures (SOPs) for incident response and threat hunting
Serve as the primary technical point of contact between our internal teams and the external vSOC/MSSP partner
Oversee the vSOC's performance, ensuring adherence to established SLAs and quality standards for alert handling, monitoring, and reporting
Guide the vSOC's focus by communicating organizational risks, strategic priorities, and desired operational outcomes
Generate and present regular reports on operational security metrics, incident trends, and vSOC performance to internal stakeholders
Produce and distribute a mandatory monthly security newsletter covering threat intelligence, tool adoption, compliance/best practices, and internal case studies
Develop, update, and manage the mandatory annual security awareness training for all personnel, focusing on relevance, engagement, and high-risk behaviors

Qualification

EDR expertise, SIEM expertise, Incident Response knowledge, Cloud Security expertise, Threat Hunting experience, Digital Forensics knowledge, Network protocols understanding, Scripting proficiency, Partnership management, Communication, Documentation skills

Required

5+ years of experience in Security Operations, Threat Hunting, Incident Response, or a closely related field
Expert-level hands-on operational and tuning experience with one or more major platforms across EDR (e.g., CrowdStrike, SentinelOne), SIEM (e.g., Splunk, Microsoft Sentinel), and Cloud Security (e.g., CNAPP solutions)
Strong understanding of security alert analysis, log review, data correlation techniques, threat modeling, and alert suppression/refinement
Proven experience in incident triage, evidence preservation, chain of custody, and basic forensic analysis techniques
You must have one of the following: CISSP-ISSAP (Incident Response content within CISSP) – (ISC)², GIAC Certified Incident Handler (GCIH) – GIAC, GIAC Cyber Threat Intelligence (GCTI) – GIAC, GIAC Network Forensic Analyst (GNFA) – GIAC, GIAC Certified Forensic Analyst (GCFA) – GIAC, Certified Ethical Hacker (CEH) – EC-Council, EC-Council Certified Incident Handler (ECIH) – EC-Council, Certified Computer Examiner (CCE) – IACIS, EnCase Certified Examiner (EnCE) – Guiding Tech, Certified Forensic Computer Examiner (CFCE) – ISFCE, CREST Registered Incident Handler (CRIH) – CREST, CREST Certified Incident Manager (CCIM) – CREST, ISO/IEC 27035 Lead Implementer (IR process) – PECB/OTHER, Certified Digital Forensics Examiner (CDFE) – Mile2, CompTIA Cybersecurity Analyst (CySA+) – CompTIA
Solid understanding of network protocols, operating system internals (Windows, macOS, Linux), and cloud environments (AWS, Azure, or GCP)
Deep understanding of threat detection and incident response within major cloud environments (AWS, Azure, or GCP), including knowledge of cloud logging sources, native security tools, and common attack paths
Familiarity with security concepts and threat detection within container orchestration platforms, such as Kubernetes, OpenShift, or similar variants
Excellent communication, documentation, and partnership management skills

Preferred

GIAC Certified Incident Handler (GCIH) is highly preferred
Direct experience with deploying, configuring, and tuning network security monitoring tools (e.g., Suricata, Snort, Zeek, Corelight) or similar commercial network detection and response (NDR) solutions, especially within cloud environments (AWS/Azure/GCP)
Proficiency in scripting languages (e.g., Python, GoLang) for automating security tasks, incident response steps, or data analysis
Experience with native cloud security services (e.g., AWS Security Hub, Azure Sentinel, GCP Security Command Center)

Benefits

Comprehensive medical and dental coverage
$50 a day food delivery budget
Equity-based employment
Great culture
Learning opportunities
Unlimited vacation
12 weeks paid parental leave
$1,000 a year to go somewhere in the world that they’ve never been

Company

Raya is an online membership-based community for dating, networking, and accessing exciting opportunities around the world.

H1B Sponsorship

Raya has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
[Chart: Distribution of different job fields receiving sponsorship]
Trends of total sponsorships: 2025 (2), 2024 (2), 2023 (1)

Funding

Current Stage: Growth Stage
Total Funding: unknown
Key Investors: Atlas Finance Group
2019-06-14: Undisclosed
2016-12-22: Pre Seed

Leadership Team

Matt Kissner, COO
Dylan Moore, Senior Software Engineer
Company data provided by Crunchbase