Job Description

Business Area:

IT

Seniority Level:

Mid-Senior level

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

As a Senior Security Response Engineer at Cloudera, you will be entrusted with fortifying the security posture of our organization. Your responsibilities will encompass a wide spectrum of threat detection, security analysis, and incident response activities. This role requires not only a deep technical understanding of cybersecurity but also strong problem-solving abilities, effective communication skills, and the capacity to work both independently as well as collaboratively in a team environment.

In this dynamic and critical role within our Incident Response Function, staff will be part of a team responsible for monitoring, detecting, and responding to cybersecurity threats in real-time. The nature of our work requires a 24/7 operational capability, and as such, this position involves a shift schedule to ensure continuous vigilance and response readiness. The role is structured to work in various shift patterns, including days, nights, on-call, weekends, and holidays, with the possibility of extended hours during high-priority incidents. The ability to adapt to a changing schedule and maintain a high level of performance and attention to detail is essential.

As a Senior Security Response Engineer you will:

• Proactively monitor and respond to security alerts and events from various sources, including SIEM, Cloud Security Platforms, EDR, and other technologies.

• Perform detection engineering by not only tuning existing alerts but also developing new, high-fidelity alerts based on ongoing trends, threat intelligence, and findings from past investigations.

• Conduct in-depth analysis of security incidents to determine the root cause and impact, and recommend appropriate mitigation strategies.

• Partner closely with various internal security teams (e.g., Enterprise Security, Cloud Security, Product Security) to manage end-to-end incident response actions and collaborate on cross-functional projects for continuous security improvement.

• Develop and maintain incident response playbooks, processes, standards, procedures, and SOAR (Security Orchestration, Automation, and Response) workflows to streamline response efforts and improve the organization's security posture.

• Participate in threat hunting activities to identify advanced threats and vulnerabilities.

• Identify, Document, and Research Threat Intelligence Findings and Reports.

• Lead and drive projects and strategic initiatives designed to proactively improve the security posture and resilience throughout the entire company.

• Provide mentorship and guidance to junior analysts and engineers.

• Assist in the evaluation and implementation of security tools and technologies.

• Stay up-to-date with emerging threats, vulnerabilities, and industry best practices.

• Continuously pursue forward thinking and unique solutions to security challenges.
  

We are excited about you if you have:

• Robust Analytical Mindset and self-starter with a genuine interest in forward-thinking Cybersecurity.

• Relevant Educational Degree (Information Security / Information Assurance / Cybersecurity) or Equivalent Cybersecurity Work Experience (3-5 Years)

• Three or more years of technical experience in providing Large Enterprise Incident Response, Threat Hunting, or Cloud Security.

• Proficiency with security technologies, including SIEM, EDR, and Cloud Security systems.

• Strong understanding of cyber threats, attack techniques, and incident response methodologies.

• Must be able to independently analyze and respond to alerts and security incidents, including but not limited to triage, root cause analysis, and response coordination.

• Advanced proficiency in Incident Response within Cloud Environments (strong focus on AWS, with Azure and GCP as a plus).

• Deep experience securing and responding to incidents within Kubernetes environments.

• Proficiency in analyzing and responding to threats across macOS, Windows, and Linux-based systems.

• Excellent problem-solving and communication skills.

• Ability to work effectively both independently and as part of a team.
  

You may also have:

• Supporting certifications such as GIAC (GCFA/GCIH/GCFR/GCLD), AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, Microsoft SC-200, or CompTIA CASP/CySA+

• Experience in Automation and/or Orchestration

• Experience with Data Analytics leveraging Machine and/or Deep Learning

• Knowledge of Threat Intelligence Methodologies

• Cloud/Endpoint Digital Forensics Experience

This role is not eligible for immigration sponsorship.

What you can expect from us:

• Generous PTO Policy

• Support work life balance with Unplugged Days

• Flexible WFH Policy

• Mental & Physical Wellness programs

• Phone and Internet Reimbursement program

• Access to Continued Career Development

• Comprehensive Benefits and Competitive Packages

• Paid Volunteer Time

• Employee Resource Groups

EEO/VEVRAA

#LI-BV1

#LI-REMOTE