Security Engineer, Detection & Response at Doxy.me

As the first dedicated Detection & Response Engineer, you will build a greenfield security function from the ground up for a HIPAA-regulated telehealth leader. Moving beyond traditional SIEM management, you will implement a detection-as-code philosophy, automating threat visibility and response across a high-scale AWS environment to protect millions of patients worldwide.

• Own the end-to-end detection lifecycle, from threat research to writing and deploying rules via CI/CD using a detection-as-code approach.
• Build and maintain robust telemetry pipelines to correlate signals across AWS infrastructure, identity systems, and application logs.
• Lead incident response efforts, including forensic investigations and the development of automated containment workflows to mitigate emerging threats.

• Proven experience in detection engineering with a strong software engineering background in Python, TypeScript, or SQL.
• Deep technical proficiency in AWS security, cloud-native infrastructure, and modern observability platforms like Datadog.
• Expert understanding of attacker techniques (MITRE ATT&CK) and the ability to translate threat models into high-precision detection signals.

• Greenfield Opportunity: As the first dedicated D&R hire, you have total autonomy to shape the function, select the tooling, and define the roadmap without legacy technical debt.
• High-Stakes Impact: Your work directly secures a platform used by 1M+ healthcare providers globally, ensuring the privacy of sensitive patient data in a highly regulated landscape.
• Senior-Led Culture: Work in a flat, high-impact team alongside a CISO and Staff Product Security Engineer who value engineering-first security and automation over manual toil.