Detection & Response Engineer

You get a thrill from solving problems, learning new things, and helping others. You're a superb communicator (written and verbal), enjoy sharing your knowledge with your team, and feel equally comfortable behind a command line and in front of a customer. You aren’t intimidated by code, regex, or occasional ambiguity. You have a basic understanding of the cyber security attack lifecycle, know a little about the MITRE ATT&CK framework, and have maybe even written a detection or two to find the bad actors. You’re looking for your opportunity to break into Detection & Response Engineering. If that’s you, we’d love to talk! We have an amazing team and believe you'll love getting to know us.

At Expel, we help businesses bridge the cybersecurity talent gap by providing transparent managed security. To do this we build technology to make sure our security analysts are solving important problems, and robots are handling the rest. We delight in using technology to make security accessible (nay, even enjoyable) for our customers.

What Expel can do for you

  • Give you hands-on experience creating detection rules to find evil
  • Grow your skills in detection and response methodologies and automation
  • Enable you to learn from analysts, data scientists, engineers, and responders responsible for various components of Expel’s service and technology
  • Provide access to popular EDR, network, SIEM, and cloud technologies
  • Facilitate ways to harness event signal from cloud service providers
  • Provide an entertaining, small, and highly transparent startup environment
  • Challenge you to push the boundaries of our security vision

What you can do for Expel

  • Help ensure our analysts keep learning and doing more sophisticated security work
  • Understand and categorize customer needs to inform detection priorities and product features
  • Make the operations of our detection pipeline and detection strategies accessible to customers and engagement managers
  • Understand technical details and break them down in a consumable way for less technical audiences
  • Continuously improve our detection capability by crafting and iterating on new detection ideas

What you should bring with you

  • Familiarity with detection and response tools
  • Knowledge of attack vectors, threat tactics, and attacker techniques
  • Understanding of Windows and Linux operating systems and command line tools
  • Familiarity with networking fundamentals, TCP/IP and core protocols
  • Intermediate knowledge of cloud or container platforms
  • Excellent tact and diplomacy skills

Additional Information

The base salary range for this role is between $114,300 USD and $165,700 USD, plus bonus eligibility and equity.

We believe in paying transparently and equitably. Your salary will ultimately be based on factors such as your experience, skills, team equity, and market data. You’ll also be eligible for unlimited PTO (which we model and encourage), work location flexibility, up to 24 weeks of parental leave, and really excellent health benefits.

Our headquarters is in Herndon, Virginia. However, we realize that while there is a benefit to in-person interaction, good people don’t all live in Northern Virginia. Remote work is an option within the continental US.

We're an Equal Opportunity Employer: You'll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

We're only hiring those authorized to work in the United States.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
