25 threat detection engineer jobs at 20 companies in Berkeley, CA
6d
Save
Mark Applied
Hide
6d
Engineer II, Threat Detection - Windows (Hybrid)
Sunnyvale or New York City or Austin or Redmond
$100k-$145k/yrHybridFull Time
CrowdStrikeNASDAQ: CRWD: Provides cloud-native endpoint protection and cybersecurity services.
4+ YOEAbility to analyze malware and intrusion telemetry, author behavioral detections for Windows endpoints, use Python/PowerShell for automation, and collaborate with threat intelligence; U.S. citizenship or green card required for CJIS eligibility.
Member of Technical Staff, SecOps & Threat Detection Engineer
San Francisco, California, United States
$265k-$310k/yrOnsiteFull Time
Envoy: Unified workplace management platform for hybrid office operations.
6+ YOE6+ years in security/SRE/infrastructure with security focus; experience building detection, SIEM, EDR (SentinelOne), cloud (AWS), scripting (Python/Go), and strong incident detection and response skills.
LenelS2, Brivo, Genetec, Honeywell, Cisco Meraki, Okta, Microsoft Azure, Microsoft Teams, Slack, ServiceNow, DocuSign, Avigilon Alta, Descartes Visual Compliance, SentinelOne, SIEM, AWS, Python, Go
DTEX Systems: Provides software for insider risk management and data protection.
3+ YOE3+ years full-stack development (Python, Django/Flask, React/TypeScript), deep system knowledge (Windows/Mac/Linux), cybersecurity and detection engineering experience, familiarity with data pipelines, RESTful APIs, AWS, QE/test automation and CI/CD, strong communication.
Illumio: Provides zero-trust segmentation software to contain cyberattacks.
10+ years in threat research/detection engineering; hands-on security work; prior leadership or scale-building experience; strong MITRE ATT&CK knowledge; able to translate research into product insights; excellent communication.
TikTok: Global short-form video hosting and social media platform.
Experience in 24/7 security operations, SIEM/EDR proficiency, detection engineering and threat hunting, scripting for automation, and knowledge of attacker tactics and MITRE ATT&CK.
Gainsight: AI-powered customer success and retention software platform.
6+ YOE6–9 years relevant experience, security operations and engineering background, experience with SOCs, cloud detection across AWS/Azure/GCP, ability to manage distributed teams and detect/mitigate AI threats.
Nuvo: Platform for automating B2B commerce and trade credit management.
5+ YOE5+ years security engineering experience with deep application/product security expertise; experience across cloud, infrastructure, detection; threat modeling, secure design, code review, and building a security program.
Ross StoresNASDAQ: ROST: Discount retail chain selling brand-name apparel and home fashions
7+ YOE7+ years information security experience (5+ with a large organization). Strong knowledge of endpoint, cloud, SIEM, EDR/XDR/MDR, log management, threat detection/response and automation. BLS: bachelor's degree preferred or senior certification; strong analytical, organizational and project estimation skills.
Anti-virus/malware protection, Advanced Threat Protection, Log Collection & Analysis, User Behavior Analytics, Vulnerabilities Management, SIEM, EDR, XDR, MDR, IR, File Integrity Monitoring, Endpoint Security, mobile security
MicrosoftNASDAQ: MSFT: Develops software, services, devices, and cloud computing solutions.
3+ YOEAdvanced degree in CS, Math, or Statistics or equivalent experience; 3–4+ years in software development lifecycle, large-scale computing, threat modeling, cyber security, SOC detection, SIEM, or incident response; knowledge of endpoint security and identity systems.
Entra, Intune, Defender for Endpoint, Defender for Cloud
Exabeam: AI-driven security operations platform for threat detection and response.
10+ YOE2+ Mgmt10+ years in cybersecurity with expertise in threat detection, detection engineering, behavioral analytics, and threat research; 2+ years managing technical teams; hands-on coding with Python and working with large-scale telemetry.
Cylake: Developing an AI-native cybersecurity platform for sovereign environments.
5+ YOE5+ years hands-on SOC experience (analyst, detection engineer, threat hunter, or incident responder); deep fluency in SOC workflows; experience improving tooling/processes; stakeholder engagement and product direction translation.