engineering
Posted Jan 29
Security Operations Engineer, Detection and Response Team
at Notion
Dublin, Ireland
Remote
Responsibilities
- INCIDENT RESPONSE
  - Deep expertise in the incident response lifecycle, including investigation, containment, remediation, and recovery.
  - Lead security incidents and command response efforts, ensuring rapid containment and mitigation—even in unfamiliar environments and across team boundaries.
  - Lead post-incident learning, conducting blameless postmortems and driving follow-up actions that address systemic issues and prevent recurrence.
- CLOUD SECURITY
Requirements
- In today's world of endless apps and tabs, Notion provides one place for teams to get everything done, seamlessly connecting docs, notes, projects, calendar, and email—with AI built in to find answers and automate work.
- experience in security detection, response, or related fields.
- DETECTION ENGINEERING & AUTOMATION
  - Strong ability to write, tune, and optimize detections across various platforms (e.g., EDR, SIEM, network monitoring).
  - Proficiency in scripting and automation (Python, Go, or similar) to enhance detection and response capabilities.
- Experience with detection rule development (Sigma, YARA, Splunk SPL, KQL) and security event correlation.
- Experience securing cloud-native environments (AWS, GCP, or Azure), including detection and response strategies for cloud workloads.
- Practical knowledge of detecting malicious activity in application and infrastructure architectures in a SaaS environment.
- Ability to assess security gaps and propose detection & response improvements across cloud and endpoint platforms.
- You care about mentorship, learning, and continuous improvement.
- You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter and deliver better results.
- NICE TO HAVES:
- Experience leading large-scale security initiatives or driving security automation programs.
- Familiarity with application-level detections, such as database security monitoring, detecting malicious queries, or abnormal application behavior.
- Familiarity with security compliance standards (SOC 2, ISO 27001), though not a primary focus.
Additional details
- ABOUT US: Notion helps you build beautiful tools for your life’s work.