Staff Detection and Response Engineer

About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the SP 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! Location: Remote within USA About The Role AlphaSense's DxR team is looking for a Detection Response Engineer who thrives at the intersection of threat detection, security automation, and incident response. You'll build and tune detections in SIEM, respond to real incidents, and serve as a Tier 3 escalation resource for our 24/7 SOC. This is a hands-on role — you'll own your detections end-to-end and be the last line of defense before executive escalation. You'll be joining a fast-paced security organization that emphasizes automation, engineering-driven approaches, and systematic problem-solving. Our team operates at the intersection of security operations, detection engineering, incident response, and infrastructure security. We value practical solutions, measurable outcomes, and continuous improvement. Key Responsibilities: Detection Engineering Author, tune, and maintain detection rules in SIEM across cloud, identity, and endpoint log sources Convert and adapt SIGMA/YARA-L rules and threat intelligence into SIEM detections Continuously reduce false positives and improve detection fidelity. Map detections to MITRE ATTCK and track coverage across the kill chain Security Automation (SOAR) Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms) Handle Incident Response processes and procedures as needed Incident Response – Tier 3 / Escalation Act as the senior escalation point for complex, ambiguous, or high-severity incidents Lead technical investigation for P1/P2 incidents — scoping, containment, eradication, and recovery Coordinate with IT, Engineering, Legal, and CISO during major security events Drive tabletop exercises and IR simulations to test and improve team readiness Threat Hunting Intel Proactively hunt for threats across the environment using SIEM, CrowdStrike, and BigQuery Consume and operationalize threat intelligence feeds into new or updated detections Track emerging TTPs relevant to SaaS, fintech, and AI-adjacent threat actors What We Are Looking For: Required 7+ years in security engineering, detection engineering, or IR / SOC (Tier 2 or above) Hands-on experience with a SIEM and SOAR solution Strong understanding of MITRE ATTCK and how to apply it to detection and response Strong experience investigating incidents in cloud environments (AWS, GCP, or Azure) and solid grasp of Cloud, identity and Endpoint security threats. Comfortable writing detection logic, scripts, or automation (Python, YARA-L, SIGMA, or similar) Experience with purple team activities, adversary emulation, or red teaming. Clear written and verbal communication — you can brief a CISO and a junior analyst on the same incident. Preferred Experience implementing and ... (truncated, view full listing at source)