Detection & Response Engineer

About Kandji

Kandji is the Apple device management and security platform that empowers secure and productive global work. With Kandji, Apple devices transform themselves into enterprise-ready endpoints, with all the right apps, settings, and security systems in place. Through advanced automation and thoughtful experiences, we’re bringing much-needed harmony to the way IT, InfoSec, and Apple device users work today and tomorrow.

Some of the smartest money in tech has partnered with Kandji to realize our vision, including Tiger Global, Felicis, Greycroft, First Round Capital, and Okta Ventures. In July 2024, Kandji raised $100 million in capital from General Catalyst, bringing Kandji’s valuation to $850 Million.

Since Kandji’s Series C in 2021, the company has seen a 600%+ increase in annual recurring revenue, and its customer base has grown nearly 4X across 40+ industries. Notable customers include Allbirds, Canva, and Notion, and the company has partnerships with such industry giants as ServiceNow, AWS, and Okta.

Kandji was also named to Forbes’ Next Billion Dollar Startup List 2023 and recognized as a top venture-backed startup with the potential to reach unicorn status.

The Opportunity

Kandji is looking for a Detection & Response Engineer to add to our growing Security Team. This is a hands-on technical role that involves: solving complex security problems, threat detection, security orchestration & automation, incident response, developing new tools, and security operations. As a Detection & Response Engineer, you will have the opportunity to provide D&R thought leadership, take ownership of end-to-end detection development lifecycle, and execute on core D&R engineering efforts.

How you will make a difference day to day:

• Develop, test, and deploy high fidelity detections
• Establish telemetry data across Kandji product and corporate environments
• Detect and respond to cyber threats and incidents
• Deploy and optimize detection and response technologies (e.g., SIEM, IDS/IPS, EDR)
• Codify detection and response processes and playbooks
• Conduct ad-hoc threat hunts in support of SecOps, detection, automations or tools
• Build tools, integrations and automations for SecOps and threat detection platforms
• Collaborate across functional teams, such as Product, Engineering, and IT, to understand and protect all aspects of Kandji cyber footprint
• Act as Kandji’s customer zero and partner with internal Product Management Team to provide important insights as to how the Kandji product could be improved for the needs of our internal team and the needs of our customers

Minimum qualifications:

• 4+ years of hands-on security operations experience in the modern cloud environments
• Hands-on experience with SIEM tooling and centralized logging (e.g. Panther, Rapid7, ELK, Splunk)
• Writing and deploying threat-intelligence driven detections (e.g. endpoint, network, cloud, or container)
• Securing cloud environments (e.g. AWS, Azure, or GCP)
• Leveraging scripting languages for automation and integration (Python preferred, but other languages are welcome)
• Building and configuring Detection-As-Code frameworks
• Subject matter expert for incident response lifecycle and implementation
• Experience with using and configuring Security Orchestration, Automation, and Response (SOAR) tooling
• Strong fundamentals of Linux and Mac operating systems