Detection Engineer

Crusoe is building the World’s Favorite AI-first Cloud infrastructure company. We’re pioneering vertically integrated, purpose‑built AI infrastructure solutions trusted by Fortune 500 companies to power their most advanced AI applications. Crusoe is redefining AI cloud infrastructure, with a mission to align the future of computing with the future of the climate. Our AI platform is recognized as the "gold standard" for reliability and performance.

Our data centers are optimized for AI workloads and are powered by clean, renewable energy.

Be part of the AI revolution with sustainable technology e, you'll drive meaningful innovation, make a tangible impact, and join a team that’s setting the pace for responsible, transformative cloud infrastructure.

Crusoe Security & Compliance is hiring a Senior Security Operations Engineer to play a critical role in safeguarding Crusoe, our customers, and ensuring our security posture remains robust against emerging threats. This role involves leading the detection strategy, creation, tuning, validation, and correlation to maintain effective detections against an ever‑changing threat landscape. The role is hands‑on, encompassing the management of detection technologies and incident response.

• Develop and execute a comprehensive security operations strategy that aligns with organizational goals, ensuring robust protection against current and future cyber threats.
• Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.
• Partner with stakeholders and cross‑functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.

• Design, implement, and fine‑tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.
• Continuously tune alerting rules to reduce false positives and enhance our signal‑to‑noise ratio.
• Perform forensics and lead response efforts during security incidents, including triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.

• Drive the advancement and growth of detection and automation initiatives.
• Manage security event monitoring, management, response workflows, and tasks.
• Improve security operations by developing measurement capabilities and metrics to track and communicate performance, coverage, and risk.

• Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
• Create, maintain, and manage a library of automated playbooks to address new threats and tactics employed by attackers.

• Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of services being delivered.
• Support ongoing security compliance, audit, and certification programs (e.g., HIPAA, SOC 2).

• Minimum of 6 years in cybersecurity, with a focus on detection and response.
• Technical proficiency with protection of on‑premise computing environments and proficiency with one or more major cloud computing environments.
• Strong expertise in incident handling and forensic investigation.
• Strong knowledge of the cyber threat landscape and ability to articulate and incorporate understanding of major threat categories, motivations, and intent of adversaries.
• Automation‑first mindset and demonstrated expertise in mentoring and training peers in security engineering skill sets.
• Experience in at least one programming language (Python, Go, C, C++) or deep expertise using low‑code automation tools or SOAR platforms.
• Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical understanding.
• Familiarity with modern infrastructure tools, such as Docker, Kubernetes, Ansible, Cloud Formation, Terraform.
• Experience building and…