Security Engineer, Detection and Response (Remote)
- San Francisco, CA
Why join us
Brex is reimagining financial systems so every growing company can realize their full potential. As the financial OS, we’re building software and services in one place—disrupting long-entrenched institutions with products and experiences that better serve the ambitions of our customers.
Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. We’re committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career.
Engineering at Brex
The Engineering team includes Data, IT, Security, and Software, and is responsible for building innovative products and infrastructure for Brex and our customers. We believe that engineers should accelerate the business through technology, and collaborate across multiple teams to accomplish that.
Teams are autonomous, value inclusivity, and are eager to learn, teach, and constantly improve how things work. The software we build today is the foundation for dozens of Brex systems in the future, so engineers have a strong sense of ownership and accountability and take pride in their craft.
What you’ll do
As a Detection & Response Engineer, you will focus on detecting and responding to security threats across Brex's corporate and cloud environments, tuning signals across those environments, and developing tools to improve our detection and response capabilities. Additionally, you will contribute to threat hunting exercises and perform research on attacker techniques to ensure that we stay up-to-date on the emerging threat landscape.
You will do this by building solutions, creating tools and practices, and establishing strong partnerships across Engineering. Your role will also involve security assessments and threat modeling during design reviews and other stages of the development lifecycle.
We’re looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and other security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while keeping a keen eye for detail. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and needs. We’re looking for someone to help scale the company with incredible people across the board. Building world-class financial services requires world-class security.
- Work on a cross-functional team to detect and respond to security threats across Brex's corporate and cloud environments
- Research attacker techniques and process threat intelligence to identify new detection and prevention opportunities that mitigate emerging threats
- Create, test, and tune threat detection signals across macOS, Windows, and AWS services
- Contribute to the design and execution of team threat hunting exercises
- Assist with incident response, including investigation, remediation, and documentation
- Take part in designing, building, and maintaining tools and systems that support the threat intelligence, threat detection, and incident response mission
- Collaborate and partner with other engineering teams to drive remediation of security vulnerabilities, while balancing prioritization of security issues within SLAs and teams’ respective product backlogs
- Bachelor’s degree in Computer Science, Engineering or related field, or equivalent training, fellowship, or 3+ years work experience
- Experience working in a detection and response or related role, either in a corporate or production environment
- While not primarily a development role, you will contribute to the development and improvement of tooling that’s used across Brex, so some experience with coding is desirable.
- Caring about system design and valuing building things correctly, with an understanding of an MVP approach
- Familiarity with CI/CD systems and DevOps workflows (e.g., Buildkite, Flux, Git, Terraform)
- Thriving in a collaborative environment filled with a diverse group of people with different expertise and backgrounds (we currently have around 30 nationalities represented with more than ½ the company working in a country different from the one they grew up in).
- Experience with securing distributed systems in AWS
- Contributions to the security community (open source, public research, blogging, presentations, etc)
If you feel like you don’t meet all of the requirements for this role, we encourage you to apply anyway. We know the confidence gap and imposter syndrome get in the way of meeting incredible candidates, and we don’t want them to get in the way of meeting you.