On-site
Job Summary
The Detection and Response Team identifies, investigates, and responds to threats across Block's endpoints, cloud infrastructure, and SaaS platforms.
This operational role involves owning daily security intake, pivoting across telemetry sources to build timelines, and turning recurring patterns into durable system improvements.
Candidates must have an engineering-first mindset to build detections and automate workflows that resolve routine work before it becomes toil.
Salary
Not specified; Not specified; Remote work, medical insurance, flexible time off, retirement savings plans, modern family planning
Skills & Requirements
Must-have
5+ years detection and response experience
Endpoint, cloud, and identity security investigation
SQL and log-query analysis skills
Knowledge of attacker TTPs across macOS, Windows, and Linux
Incident scoping, containment, and stakeholder communication
Nice-to-have
Threat intelligence and threat hunting experience
Malware analysis and forensic artifact collection
Human-in-the-loop automation or AI-assisted systems
Engineering mindset for eliminating manual patterns
Experience with cross-timezone collaboration
Key Requirements
5+ years in detection and response or incident response
Strong SQL and log-query analysis capabilities
Practical working knowledge of attacker TTPs on major OS platforms