Security Operations | | | | |
Detection Engineer (4th shift) | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Challenges You Will Solve
The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine. The security landscape is always shifting and introducing new adversaries. The Red Canary CIRT operates 24/7 to track down threats using the entirety of our customer’s data and deliver fast and practical detections to our customers. This is not a role where you are encouraged to passively accept the current state. At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers. | Security Operations | Detection Engineering | Remote |
Senior Cloud Security Researcher | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Challenges You'll Solve
The Red Canary Intelligence Team conducts in-depth analysis to provide context and help prioritize where to focus detection and response efforts. As a key contributor, you will investigate raw telemetry, analyze suspicious and confirmed threats, and conduct open-source research to associate activity with known adversaries. A significant focus is on researching identity-based threat actors and cloud-targeted TTPs across infrastructure services like AWS, GCP, and Azure, as well as platform services such as Okta, EntraID, and Kubernetes. Curiosity, adaptability, and a passion for addressing evolving threats will be vital for success in this dynamic, mission-driven team. The role requires strong collaboration, outstanding communication, and experience in open-source threat research. A solid understanding of cyber threat intelligence and adversary behaviors is essential, alongside proficiency in analytical and problem-solving skills. Responsibilities include developing intelligence on emerging threats, producing actionable intelligence reports, defining new threat clusters, and identifying opportunities to bolster our detection and response capabilities. Additionally, you will engage with internal teams, external partners, customers and the broader infosec community to communicate unique trends and noteworthy threat actor TTPs through blogs and presentations. This role involves staying updated on emerging threats, suggesting workflow improvements, and supporting customers in understanding and responding to their specific threat models. If you bring a mix of these skills, we encourage you to apply—even if you don’t meet every requirement. The role will adapt to the person who joins. | Security Operations | Intelligence | Remote |
Senior Detection Engineer (3rd shift) | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Challenges You Will Solve
The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine. The security landscape is always shifting and introducing new adversaries. The Red Canary CIRT operates 24/7 to track down threats using the entirety of our customer’s data and deliver fast and practical detections to our customers. This is not a role where you are encouraged to passively accept the current state. At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers. It is expected at the Senior Detection Engineer level, that you already have the skills necessary to immediately contribute to the operational and project needs of the CIRT. This is accomplished by performing analysis of malware, improving our detector footprint, implementing code that will improve our CIRT platform, and more. | Security Operations | Detection Engineering | Remote |
Senior Threat Response Engineer (4th Shift) | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Challenges You Will Solve
The Threat Response Engineering team is the virtual boots on the ground and responsible for remediating threats detected in Active Remediation customer environments. Being a Threat Response Engineer puts you in the driver’s seat and provides the satisfying opportunity to mitigate threats and be the defender against the adversary. We are our customers' trusted stewards who quickly respond to and remediate their security threats allowing them to focus on their business objectives. The Active Remediation Team has extensive experience conducting investigations on endpoints and servers utilizing a range of techniques such as analyzing telemetry data from Endpoint Detection and Response (EDR) platforms, malware analysis, and threat hunting. Active Remediation takes advantage of the myriad of tools available in the Red Canary platform to perform immediate actions when threats are detected. As Threat Response Engineers, one of our goals is to identify opportunities to increase our efficiency and ensure our customer’s environments are vulnerable for the least amount of time. We do this by finding new and creative ways to use existing tooling to benefit our customers while also helping build and develop new tools to add into our arsenal. | Security Operations | Detection Engineering | Remote |
Threat Response Engineer (4th Shift) | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Challenges You Will Solve
The Threat Response Engineering team is the virtual boots on the ground and responsible for remediating threats detected in Active Remediation customer environments. Being a Threat Response Engineer puts you in the driver’s seat and provides the satisfying opportunity to mitigate threats and be the defender against the adversary. We are our customers' trusted stewards who quickly respond to and remediate their security threats allowing them to focus on their business objectives. The Threat Response Engineering team has extensive experience conducting investigations on endpoints, servers, and emerging threat surfaces such as identity, email, SaaS, and cloud. The team utilizes a range of techniques such as analyzing telemetry data from security platforms, malware analysis, and threat hunting. Active Remediation takes advantage of the myriad of tools available in the Red Canary platform to perform immediate actions when threats are detected. As Threat Response Engineers, one of our goals is to identify opportunities to increase our efficiency and ensure we minimize the amount of time customer environments remain vulnerable. We do this by finding new and creative ways to use existing tooling to benefit our customers while also helping build and develop new tools to add into our arsenal. | Security Operations | Detection Engineering | Remote |
Skillbridge | | | | |
Skillbridge Program | Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. We’re united in our commitment to customers and grounded in our values, which earned us a place on Built In's 2025 Best Places to Work list. If our mission resonates with you, let’s talk. What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless Overview
Red Canary has elected to participate in the Department of Defense’s Skillbridge Program. We are excited to be part of assisting our Nation’s Military personnel in transitioning from Active Duty to Civilian life. Red Canary’s goal is to provide both the general skills (e.g, resume support, interviewing, peer interaction), and specialized skills (e.g., cyber security operations, analysis, engineering) that are required to be successful after separation. We also hope to create a pipeline of job opportunities to expand to our growing Veteran employee base. To be eligible for participation in the Skillbridge Program, you must be an Active Duty U.S. Military personnel with plans to separate within the next year. Program Overview General Skills & Canary Veteran Mentor
Red Canary believes that training the Skillbridge Candidates on how to GET the job is just as important as how to DO the job. During the Candidate’s time with Red Canary, they will be assigned a Skillbridge Mentor. This mentor will be selected from our pool for Canary Veterans, and will be responsible for the following:
Serving as the Candidate’s guide through the Red Canary Program
Serving as a sounding board for career goals
Support external job searches sharing their civilian transition experience, as appropriate
Setting up mock interviews
Supporting or coordinating resume review assistance Specialized Skills & Cyber Security Focus
While there are many military occupational skills that would translate well into supporting Red Canary, our initial Skillbridge Program offering will focus on what we do best - Cyber Security. We have developed a program that will expose the candidates to a variety of Technology and Security skill sets used here at Red Canary and throughout the industry. Please note that at this time we will only be accepting candidates that have current Cyber Security operational experience with a focus in Managed Detection and Response. | Skillbridge | Skillbridge | Remote |