Detection & Response Engineer at xAI — task breakdown

ABOUT xAI xAI’s mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company’s mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All employees are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. ABOUT THE ROLE: We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure. You will play a key part in safeguarding our innovative technologies and sensitive data. RESPONSIBILITIES: Monitor and analyze security alerts and logs to identify potential threats and anomalies Develop, implement, and maintain detection rules and correlation logic in our SIEM platform Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats Create and maintain incident response playbooks and runbooks Perform regular threat hunting activities to proactively identify potential security risks Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities Collaborate with other security teams to improve overall security posture and incident handling processes Stay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domains BASIC QUALIFICATIONS: Bachelor's degree in Computer Science, Cybersecurity, or a related field 3-5 years of experience in security operations, incident response, or a similar role Strong understanding of cybersecurity principles, attack techniques, and defensive strategies Proficiency in at least one scripting language (e.g., Python, Rust) for automation and tool development Experience with SIEM platforms and log analysis tools Familiarity with cloud environments (e.g., AWS, GCP, Azure) and their security features Knowledge of network protocols, system administration, and common attack vectors Strong analytical and problem-solving skills with attention to detail Excellent communication skills and ability to work effectively under pressure PREFERRED SKILLS AND EXPERIENCE: Relevant security certifications (e.g., GCIH, GCIA, SANS) Experience with threat intelligence platforms and their integration into detection processes Familiarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10 Knowledge of software supply chain security and SBOM analysis Experience with containerized environments and Kubernetes security Experience in building custom security tools or integrations to enhance detection and response capabilities Interest in

Detection & Response Engineer

Classified Tasks (11)

Augment (7)

Human-Only (4)

Job description