Scale Up Your Career.

504
companies
9,340
Jobs
Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

Senior Security Engineer, Detection & Response (Eastern Preferred)

Docker

Docker

Canada · Mexico · United States
Posted on Apr 2, 2025
Apply now

Docker is a remote first company with employees across Europe, APAC and the Americas that simplifies the lives of developers who are making world-changing apps. We continued to see exponential revenue growth last year. Join us for a whale of a ride!

At Docker, we help developers bring their ideas to life by conquering the complexity of app development. Through an integrated development pipeline and application components, we simplify and accelerate workflows, empowering developers worldwide.

Docker’s Security Team is committed to protecting both our organization and our customers. The Detection and Response Team plays a critical role in identifying, analyzing, and mitigating threats across Docker’s infrastructure. We are now seeking a Senior Detection and Response Engineer with expertise in log pipeline generation to enhance security visibility, threat detection, and response capabilities. This role will lead threat detection, investigation, and automation efforts while working closely with IT, Security & Compliance, and Engineering teams to build high-fidelity security telemetry and enable real-time threat detection, incident response, and forensic analysis.

Responsibilities:

  • Detection as Code & Incident Response – Monitor, detect, and respond to cybersecurity threats, lead incident investigations, conduct root cause analysis, and automate threat detection and hunting. Develop detection and response playbooks and participate in on-call rotations.

  • Log Pipeline Development & Optimization – Design, implement, and maintain log ingestion, parsing, and normalization pipelines across endpoint, network, cloud, and application logs. Ensure log consistency across EDR, SIEM, SOAR, and threat detection tools.

  • Automation & Infrastructure as Code (IaC) – Use Terraform, Kubernetes, and scripting to automate log infrastructure in cloud environments and improve security monitoring efficiency.

  • Compliance & Data Retention – Ensure log storage and retention meet regulatory and security requirements, support audit to maintain compliance

  • Cross-Team Collaboration & Security Strategy – Work with Product Security, Infrastructure, DevOps, and IT on various initiatives to mature the Detection Engineering program and strengthen Docker’s overall security posture. Partner with stakeholders to improve threat intelligence, detection, and incident response capabilities.

Qualifications:

  • Background in Information Security, Computer Science, Computer Engineering, Forensics, or equivalent work experience.

  • 4-5 years of hands-on experience in detection and response, including triage and incident response in enterprise SaaS environments.

  • Proven experience in building log ingestion and normalization pipelines across diverse systems.

  • Expertise in Detection as Code, particularly using Python and SQL.

  • Subject matter expert in endpoint security and/or cloud security.

  • Strong working knowledge of Mac, Linux, and Windows operating systems.

  • Hands-on experience with major cloud infrastructures, including AWS, Azure, and GCP.

  • Experience with Kubernetes is a nice-to-have.

  • Demonstrated experience working across multiple teams in collaborative security roles.

What to expect in the first 30 days

  • Understand Docker’s infrastructure and identify gaps in the current Detection Engineering program.

  • Establish and build collaborative relationships with key security stakeholders.

  • Coordinate and support security incident investigations.

What to expect in the first 90 days

  • Develop a roadmap for log development and optimization.

  • Drive log ingestion and alerting improvements in SIEM and other security tools.

  • Refine existing playbooks with a fresh perspective.

  • Participate in security on-call rotation.

What to expect in the first year

  • Become a key partner within Docker’s cross-functional Security team.

  • Own and mature one or more Detection & Response initiatives.

  • Help shape Docker’s security roadmap and its interconnection with Engineering.

  • Lead educational initiatives to strengthen Docker’s security posture company-wide.

We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 13, 2024.

Please see the independent bias audit report covering our use of Covey here.

Perks (for Full-Time Employees Only)

  • Freedom & flexibility; fit your work around your life

  • Designated quarterly Whaleness Days

  • Home office setup; we want you comfortable while you work

  • 16 weeks of paid Parental leave

  • Technology stipend equivalent to $100 net/month

  • PTO plan that encourages you to take time to do the things you enjoy

  • Quarterly, company-wide hackathons

  • Training stipend for conferences, courses and classes

  • Equity; we are a growing start-up and want all employees to have a share in the success of the company

  • Docker Swag

  • Medical benefits, retirement and holidays vary by country

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.

Due to the remote nature of this role, we are unable to provide visa sponsorship.

#LI-REMOTE

Apply now
See more open positions at Docker
Privacy policyCookie policy