Principal Detection Engineer

Who We Are

Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats.

The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on the Forbes Best Start-up Employers 2022 list.  If our mission resonates with you, let’s talk.

What We Believe In

- Do what’s right for the customer

- Be kind and authentic

- Deliver great quality

- Be relentless

Challenges You Will Solve

The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine.

The security landscape is always shifting and introducing new adversaries. The Red Canary CIRT operates 24/7 to track down threats in endpoint data and deliver fast and actionable detections to our customers.

This is not a role where you are encouraged to passively accept the current state. At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers.

It is expected at the Principal Detection Engineer level, that you already have the skills necessary to immediately lead and contribute to the operational and project needs of the CIRT. This is accomplished by performing analysis of malware, improving our detector footprint, implementing code that will improve our CIRT platform, leading major initiatives within the CIRT, and more. 

• Work independently on highly complex problems across detection, engineering, and workflow to improve Red Canary’s threat reporting and response
• Lead task-organized teams as a technical expert to solve specific, complex problems 
• Use Red Canary’s detection platform, endpoint data, and external resources to uncover threats and tell the story of what occurred in a customer environment
• Perform advanced malware analysis
• Build new detection capabilities into the Red Canary platform based on your research of new attack techniques
• Leverage previous SOC experience to enhance the CIRT’s knowledge-base and expertise
• Improve the CIRT workflow through automation
• Apply mature software development techniques while delivering high-quality, well-tested code in the CIRT platform to fix or improve the operational workflow
• Actively engage with the CIRT team to challenge the status quo for detecting adversarial behavior
• Contribute to improvements that will increase the quality of the Red Canary product

• Demonstrated excellence and sustained, superior performance as a Detection Engineer, SOC Analyst, or similar role.
• Outstanding analytical and problem-solving skills
• Experience successfully leading complex projects and taking ownership of processes with minimal oversight
• Ability to work in a fast-paced, operational environment and successfully prioritize important tasks
• Deep understanding of adversary tactics and techniques
• Analysis experience and proficiency in Endpoint (MDR) and one or more of the following functional area
• Cloud/SaaS
• Identity
• Email
• SIEM
• Experience working with security  telemetry and date from security products and building queries to identify potential threats
• Technical proficiencies across Windows, Linux, and MacOS
• Experienced working with programming languages such as Ruby, Go, Python, and SQL

The targeted base salary for this role is $138,000 - $188,000 per year. This role is also eligible for participation in the company's bonus program, and eligible for a grant of stock options, subject to the approval of the company's board of directors. The application deadline is February 28, 2025.

**this position will be supporting a 8am to 4pm MT shift, Monday - Friday.

Benefit Highlights:

- 100% Paid Premiums:  Red Canary offers a 100% paid plan option for medical, dental and vision for you and your dependents. No waiting period.

- Health & Wellness - Access to mental health services, Employee Assistance Program and additional programs to incentivize healthy habits.  

- Fertility Benefits: All new hires are eligible for benefits as of their first day.

- Flexible Time Off: Take the time you need to recharge including vacation, sick, bereavement, jury duty, and holidays. 

- Paid Parental Leave- Full base pay to bond/care for your new child.

- Pre-Tax Plans - Red Canary offers a variety of plans to fit you and your dependent specific needs including FSA, HRA and HSA, with employer funding to offset out of pocket health care expenses. 

- Flexible Work Environment- With 60% remote workforce, Canaries can work virtually from almost anywhere in the US.

Why Red Canary?

Red Canary is where people embody our mission to improve security outcomes for all. People work hard to maintain a culture that encourages authenticity in order to do your best work. Our people are driven and committed to finding the best security outcomes, delivering real and actionable answers, and being transparent along the way. 

At Red Canary, we offer a very rich benefits program to our full-time team members so they can focus on their families and improving our customers’ security. For a full list of benefits, please review our Benefits Summary:

https://resource.redcanary.com/rs/003-YRU-314/images/RedCanary_2025BenefitsSummary.pdf?version=0

Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.