Security Engineer, Detection & Response at doxy.me | Torre
Security Engineer, Detection & Response
Report
warning

Heads-up

The job you’re trying to post already exists in Torre:

doxy.me

Security Engineer, Detection & Response

doxy.me
Emma
Emma
You'll build detection systems from scratch, protecting global healthcare and patient trust.
Emma highlights
This highlight was written by Emma’s AI. Ask Emma to edit it.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
location_on
Remote (for United Kingdom residents)
Match
skeleton-gauges
You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Review preferences
Shared by
Emma of Torre.ai
 about 1 month ago

Requirements and responsibilities

Who You AreYou're a security engineer with a strong software engineering background who'd rather write detection-as-code than click through a SIEM UI. You care about protecting healthcare providers and the patients who depend on them — and you want to build the systems that make that possible.You'll own Doxy.me's detection and security operations function: writing detection rules, building telemetry pipelines, and responding to threats across our cloud-native platform. You'll apply engineering principles to security — detection-as-code over point-and-click, automation over manual toil. Most of your time will be spent on detection engineering, but you'll also contribute to threat modeling and product security alongside the wider team.You're comfortable with ambiguity, self-directed, and motivated by impact. There's no SOC manager — you'll shape this function from scratch.Your SkillsExperience writing and shipping detection rules using a detection-as-code approachStrong programming skills in Python and/or TypeScript; comfortable with SQL for querying security dataExperience with AWS and cloud-native infrastructureFamiliarity with observability and monitoring platforms like DatadogUnderstanding of attacker techniques and frameworks like MITRE ATT&CKExperience with CI/CD pipelines and software engineering workflowsComfort with threat modeling and application security conceptsNice to have:Experience with incident response and forensic investigationFamiliarity with identity and access management systemsThe TeamThe Information Security team at Doxy.me is small and high-impact: a CISO, plus engineers covering corporate security, GRC & compliance, and product & application security. You'll be our first dedicated detection engineer — meaning you'll shape the function, the tooling, and the approach from the ground up. You'll work most closely with our product security engineer on threat modeling and detection strategy, and across the company with product and engineering teams.Detection EngineeringOwn the detection lifecycle end-to-end: research threats, write rules as code, deploy via CI/CD, tune for precision, and maintain over timeBuild and maintain telemetry pipelines that give visibility into application, infrastructure, and identity activityCorrelate signals across multiple data sources to improve detection accuracy and reduce false positivesSecurity Operations & ResponseInvestigate and respond to security events, including containment, remediation, and post-incident analysisBuild automated response workflows that integrate with our cloud infrastructure and identity systemsBroader SecurityPartner with product and engineering teams on threat modelling to identify detection opportunities early in the design processContribute to security monitoring standards, response procedures, and operational playbooksTechnical AssessmentAs part of the interview process, you'll complete a practical assessment focused on detection engineering and threat analysis — or share a portfolio of relevant past work (detection rules, blog posts, open-source contributions, conference talks).Who We AreAt Doxy.me, we're on a mission to connect the world to the future of healthcare. With the trust of over one million providers we are one of the largest Telehealth platforms in the world — but we're not done there. We're HIPAA-regulated and trusted with sensitive patient data across 180+ countries — protecting that trust is why our security team exists.Blending innovative technology and world-class design, we enhance the patient-provider experience and extend the reach of healthcare to every corner of the globe. Our team is motivated by making a difference in the world and pushing the boundaries of what is possible. If you want to change the world by impacting the lives of millions while having fun with a great team, come join us!Our CultureAuthentic: We are sincere and care personally. We don't let egos get in the way — getting to the right answer is more important than being right. We focus on doing the right thing and act with integrity.Bright: We use our intelligence, talent, and curiosity to create simple, innovative, world-class solutions to problems. We are constantly seeking to increase our own brightness through learning and collaboration.Effective: We are hungry self-starters who will get the job done regardless of circumstances. We don't need to be managed or told what to do. We pride ourselves in producing high-quality, world-class results.BenefitsWe are committed to giving you the tools you need to do your best work. We take care of the little things so you can focus on what matters most.Here is a taste of what you can expect:A fun, flexible work environment (work from home or on location at one of our regional hubs)Competitive salaryPaid trainings and certificationsAdvancement opportunities in a growing companyMedical, Vision, and Dental insurance401k matchUnlimited PTOOur employees give us a 4.9 rating on Glassdoor.
Closes in:
0
days
0
hours
0
min
0
sec
Optionally, you can add more information later (benefits, pre-screening questions, etc.)

Thank you

Thank you

check_circle

Payment confirmed

Torre Hunt

Torre Hunt

A member of the Torre team will contact you shortly

In the meantime, continue adding information to your job opening.