latchhire

Senior Threat Detection Engineer - Intelligence

Miro · Austin
New senior threat detection
Apply on Miro →
We’re looking for a Senior Threat Detection & Intelligence Engineer to help us understand how adversaries operate, detect meaningful threats early, and lead investigations when it matters most. This role sits at the intersection of threat intelligence, detection engineering, and incident investigation with an engineering-first mindset. If you enjoy turning messy signals into clear attacker narratives, this role is for you. About the Team The Cloud Security & Detection & Response (CSDR) team protects Miro by staying ahead of credible threats. We focus on: Translating external threat intelligence into actionable detections Building custom, high-fidelity detections for cloud and SaaS environments Leading complex investigations and incident response Partnering with engineering to drive security by design We care about context, signal quality, and attacker intent not alert volume. What You’ll Do Track emerging threats, attacker techniques, and campaigns relevant to cloud and SaaS Turn threat intelligence into practical detection strategies and attack hypotheses Design and maintain context-aware detections across cloud, identity, and application layers Lead deep investigations, from first signal to root cause and remediation Act as a technical lead during security incidents, guiding response and decision-making Analyze detection and investigation trends to improve preventative controls Partner with engineering teams to raise security maturity across the organization Who This Role Is For This role is a great fit if you: Think in attacker TTPs, not just alerts or dashboards Enjoy investigating ambiguous signals and turning them into clear conclusions Have experience in threat intelligence, threat hunting, or security investigations Care about why something is happening, not just what fired Want to build detection programs that evolve with the threat landscape Are comfortable explaining technical risk in business terms This role is not a fit if you’re mainly focused on compliance, policy writing, or managing vendors. What We’re Looking For 5–7 years in security , with 2+ years in threat detection, threat intelligence, or investigations Experience in cloud-native SaaS environments (AWS strongly preferred) Strong investigation skills and ability to analyze attacker behavior Experience using threat intelligence to inform detection and response Proficiency in Python and comfort automating security workflows Experience querying large datasets (SQL or similar) Familiarity with cloud security telemetry, logging, and detection platforms Solid understanding of incident response and digital forensics Experience with Infrastructure as Code (Terraform or similar) Why You’ll Love This Role You’ll help define how threat intelligence is used, not just consume it You’ll work on real attacker behavior, not checkbox security You’ll have room to build, experiment, and improve detection capabilities You’ll partner closely with engineers who value security as an engineering problem What's in it for you We want you to feel supported, connected, and ready to grow. Our global benefits package generally includes equity, a wellbeing benefit, a WFH equipment allowance, and an annual Learning & Development stipend. Join a diverse team where you can do your best work. Full benefits may differ per location. If you would like to learn more about location-specific benefits, please refer to our Global Miro benefits board . Recruiter: #LI-MH1
Posted 2025-07-18