Senior Security Engineer, Detection and Response

Crusoe is on a mission to accelerate the abundance of energy and intelligence. As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads. When you join Crusoe, you join a team that is building the future, faster.

We're in the midst of the greatest industrial revolution of our time. The demand for AI compute is boundless, and power is a bottleneck. We're solving that — with an energy-first approach that makes AI infrastructure better for the world and faster for the people innovating with AI.

We're looking for problem-solving, opportunity-finding teammates with a sense of urgency, who believe in the scale of our ambition and thrive on a path not fully paved — people who want to grow their careers alongside a team of experts across energy, manufacturing, data center construction, and cloud services.

If you want to do the most meaningful work of your career, help our customers and partners advance their AI strategies, and be part of a high-performing team that believes in each other, come build with us at Crusoe.

Crusoe Security & Compliance is hiring a Senior Detection Engineer to play a critical role in safeguarding Crusoe, our customers, and ensuring our security posture remains robust against emerging threats. This role involves influencing the detection strategy, creation, tuning, validation, and correlation to maintain effective detections against an ever-changing threat landscape. The role is hands-on, encompassing the development of detection technologies and incident response.

• Leadership & Strategy:

  • Develop and execute a comprehensive security operations strategy that aligns with organizational goals, ensuring robust protection against current and future cyber threats.

  • Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.

  • Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.

• Detection and Incident Response:

  • Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.

  • Continuously tune alerting rules to reduce false positives and enhance our signal-to-noise ratio.

  • Perform forensics and lead response efforts during security incidents, including triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.

• Operational Security:

  • Drive the advancement and growth of detection and automation initiatives.

  • Manage security event monitoring, management, response workflows, and tasks.

  • Improve security operations by developing measurement capabilities and metrics to track and communicate performance, coverage, and risk.

• Automation and Improvement:

  • Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.

  • Create, maintain, and manage a library of automated playbooks to address new threats and tactics employed by attackers.

• Documentation and Compliance:

  • Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of services being delivered.

  • Support ongoing security compliance, audit, and certification programs (e.g., HIPAA, SOC 2).

• You have 6+ years in cybersecurity, with a focus on detection, response and automation.

• Technical proficiency with protection of on-premise computing environments and proficiency with one or more major cloud computing environments (GCP a plus).

• Experience with network security at scale.

• Experience working with and implementing Detection as Code workflows.

• Strong expertise in incident handling and forensic investigation.

• Strong knowledge of the modern cyber threat landscape.

• Automation-first mindset, including experience integrating AI into response workflows.

• Experience integrating threat intel into automated response workflows

• Demonstrated expertise in mentoring and training peers in security engineering.

• Expertise in python scripting and automation.

• Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical understanding.

• Familiarity with modern infrastructure tools, such as Terraform, Docker, Kubernetes, and Ansible.

• Experience building and scaling open source security observability solutions.

• Experience with Unix/Linux environments.

• Experience responding to incidents on Windows and Mac endpoints.

• Self-motivated, with good communication and writing skills.

• Must be able to pass a background check

• Embody the Company values