The Detection & Response (D&R) team plays a critical role in protecting our systems, users, and data from security threats. We’re looking for an experienced Technical Program Manager to own and evolve incident management within D&R.

You’ll be the driving force behind maturing and scaling our incident response lifecycle,from detection and triage through containment, remediation, and post-incident review. Critically, some of the highest-impact work in this role happens after the immediate response: gathering data on incident trends, reporting on patterns and root causes, and working cross-functionally across engineering, security, infrastructure, and product teams to ensure that broad fixes and systemic improvements are actually implemented.

Responsibilities

• Own the end-to-end D&R incident management program: detection workflows, response processes, escalation paths, communication standards, and remediation tracking.

• Serve as incident commander for security incidents, driving clear coordination across executive, engineering, security, legal, and other appropriate stakeholders.

• Establish and run incident commander rotations within D&R, ensuring clear ownership and effective coordination during incidents of varying severity.

• Drive post-incident accountability by defining how action items are captured, assigned, tracked, and completed across teams,ensuring follow-through on both tactical fixes and strategic improvements.

• Gather, analyse, and report on incident trends and patterns to surface systemic risks, recurring root causes, and areas where the organisation is most vulnerable.

• Translate trend analysis into actionable cross-functional initiatives: partner with engineering, infrastructure, security, and product teams to prioritise and implement broad fixes and preventive improvements that address root causes rather than symptoms.

• Lead incident review forums (post-mortems, retrospectives) and ensure learnings are captured, socialised, and acted upon across the organisation.

• Develop and maintain D&R incident response documentation, playbooks, runbooks, and training materials; keep them current as the threat landscape and our systems evolve.

• Partner with detection engineering to improve alert fidelity, reduce noise, and shorten time-to-detection for security events.

• Define, develop, and track incident management KPIs and report regularly to D&R and Security leadership.

• Support broad cross-functional training and initiatives to uplevel security awareness across the company (e.g. Tabletop exercises, training, talks).

You may be a good fit if you:

• Have 7+ years of experience in technical program management, incident management, or security operations, with significant time spent in a detection & response or security incident response context.

• Have led or built incident response programs at a technology company, ideally in a high-growth or security-intensive environment.

• Have a demonstrated track record of turning incident data into organisational improvements,not just writing post-mortems, but driving the cross-functional work to implement systemic fixes.

• Are comfortable participating in on-call responsibilities and leading incident response during high-severity security events, including off-hours.

• Have experience building and scaling operational processes from the ground up in environments where structure didn’t previously exist.

• Excel at driving accountability and follow-through across multiple teams without direct authority,you know how to influence, track, and close the loop.

• Have strong analytical skills and experience with incident trend analysis, metrics reporting, and data-driven prioritisation.

• Are highly organised with a knack for bringing structure to ambiguous, fast-moving situations.

• Have excellent communication skills, especially under pressure and when coordinating across technical and non-technical stakeholders, including executive leadership.

• Thrive in fast-paced environments where priorities shift and you’re often working with incomplete information.

Logistics

Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren’t able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

How we’re different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact , advancing our long-term goals of steerable, trustworthy AI , rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We’re an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills.

The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences.

Come work with us!

Anthropic is a public benefit corporation

XML job scraping automation by YubHub

dbt Labs is the pioneer of analytics engineering, helping data teams transform raw data into reliable, actionable insights. As of February 2025, we’ve grown from an open source project into the leading analytics engineering platform, now used by over 90,000 teams every week, driving data transformations and AI use cases.

We’re backed by top-tier investors including Andreessen Horowitz, Sequoia Capital, and Altimeter. At our core, we believe in empowering data practitioners:

• Reliable, high-quality data is the fuel that propels AI-powered data engineering.
• AI is changing data work, fast. dbt’s data control plane keeps data engineers ahead of that curve.
• We empower engineers to deliver reliable, governed data faster, cheaper, and at scale.

About the Security Team

The mission of the Security Engineering team at dbt Labs is to provide clear, opinionated security guidance and scalable, secure-by-default offerings to engineers for the purpose of securing software development and enabling pragmatic risk decisions at dbt.

Responsibilities

As a Senior Security Operations Engineer on the Detection & Response team, you will strengthen and maintain the company's security posture throughout the threat detection lifecycle from telemetry collection and continuous monitoring through threat detection, incident response, and security event management. You will serve as a subject matter expert for security operations across the dbt Labs' teams and technology infrastructure, including multi-cloud production environments, identity, endpoints, and SaaS technologies.

Key Responsibilities

• Participate in a 24/7 on-call rotation providing coverage for active security incidents, investigations, and security events across our global infrastructure.
• Lead investigation and remediation of security incidents, coordinating cross-functional response efforts to minimize impact and recovery time.
• Play a major role in bootstrapping an end to end D&R alert and investigation pipeline.
• Triage and investigate security alerts from detection tools including Wiz Defend, Crowdstrike, and cloud security platforms to identify genuine threats and reduce false positives.
• Develop and maintain detection rules, runbooks, and response procedures mapped to the company's threat model.
• Automate alert triage workflows and improve mean time to detection and response through tooling and process enhancements, including leveraging AI enrichment and processing.
• Collaborate with Infrastructure and Application Security teams to implement secure-by-design principles and remediate identified security issues.
• Conduct security event analysis to identify policy violations, misconfigurations, and potential attack vectors before they become incidents.
• Partner with our Enterprise Security & Technology team to enhance endpoint security controls and monitoring across endpoints (MacOS laptops & some Windows and Linux-based development environments).
• Design and facilitate tabletop exercises and game days to test detection, response, recovery, and remediation capabilities.
• Contribute to the maturation of the security incident response program through documentation, training, and process improvements.
• Mentor junior security engineers and cross-functional team members on incident handling best practices.

Requirements

• Demonstrated ability to excel in high-pressure situations; we need someone who can make sound decisions during active security incidents and can calmly serve as incident commander with confidence.

Qualifications

• Have 8+ years of professional experience in security-related domains, including at least 4 years in security operations, incident response, threat hunting, or threat detection roles.
• Have demonstrable experience leading security incident investigations and coordinating cross-team response efforts.

What We Offer

• Competitive compensation packages commensurate with experience, including salary, equity, and where applicable, performance-based pay.
• Opportunity to work with a leading analytics engineering platform and contribute to the growth and success of the company.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Opportunities for professional growth and development.

How to Apply

If you are a motivated and experienced security professional looking for a new challenge, please submit your resume and cover letter to [insert contact information]. We look forward to hearing from you!

XML job scraping automation by YubHub

Our team is responsible for functions across corporate security, detection & response, and infrastructure security domains. We perform systems engineering and automation to support those functions. Security Operations is part of our wider Trust & IT organization, which means you will have the opportunity to work closely with Application Security, Corporate Engineering, GRC, and IT.

You will also help build and maintain our team's open-source project Substation and have the opportunity to contribute to the Brex Tech Blog. You'll be part of a team that actively contributes to the wider security community and has a commitment to mentorship and engineering excellence.

We're looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while having a keen eye for detail.

Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and people across Brex. Building a world-class financial service requires world-class security.

As a Senior Security Operations Engineer, you will:

• Work on a highly cross-functional team to prevent, detect, and respond to security threats across Brex's corporate and cloud environments
• Perform security incident response, investigation, remediation, and documentation, participate in periodic threat hunting and security exercises
• Leading, scoping, and building features, participate in designing, and maintaining tools and systems which support the team's domains – corporate security, detection & response, and infrastructure security
• Collaborating and partnering with engineering and operations teams to drive remediation of security issues, while balancing prioritization of those security issues within SLA and teams' respective backlogs
• Caring about secure system design, valuing building things correctly, an understanding of a MVP approach, and an empathetic mindset when working with others

Requirements:

• Bachelor's degree in Computer Science, Engineering, or related field OR equivalent training/fellowship OR 5+ years work experience
• Experience working in a corporate security, detection & response, or infrastructure security role with responsibilities for security alert triage and security incident response
• Familiarity with CI/CD systems and DevOps workflows (e.g., Buildkite, Flux, Git, Terraform) in cloud environments (e.g., AWS, Azure, GCP)
• Experience with deploying and maintaining some of the security services and tools owned by the team (e.g., SIEM, data pipelines, SOAR, domain monitoring, endpoint tooling, email protection tooling, cloud security tools)
• While not primarily a development role, the team develops and maintains tools written in Go and Python, so experience with coding is required
• You thrive in a collaborative environment filled with a diverse group of people with different expertise and backgrounds

Bonus points:

• Proficiency with Go and other programming languages
• Experience with securing distributed systems in AWS, cloud, and Kubernetes environments
• Contributions to the wider technical community (open source, public research, mentorship, community organizing, blogging, presentations, etc.)

Compensation:

The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate's location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package.

XML job scraping automation by YubHub