Security Response Engineer, Detection Engineering
Requirements
• Proven incident response leadership: experience as the primary incident commander for high-severity security incidents involving multiple teams and external stakeholders; can independently manage incident timelines, decisions, and communications.
• Operational rigor and investigation depth: demonstrated experience with triage, scoping, containment, and remediation across endpoint, cloud, and/or network-based incidents; drives root-cause analysis and post-incident action items to completion.
• Experience in macOS-heavy environments: has secured and operated a predominantly macOS endpoint fleet, including deploying and managing endpoint controls, collecting telemetry, and performing investigations on macOS systems.
• Collaborative, straightforward communicator: writes clear incident updates and summaries; can explain risk, impact, and trade-offs to both technical and non-technical stakeholders; builds trust with partner teams during high-pressure situations; comfortable handling the regular communication cadence of an incident.
• Detections experience: ability to create and refine detections based on investigations and threat intelligence.
• Previous coding experience (Python, Go, Rust, or similar): scripting for data parsing/enrichment and simple automations.
• Prior success in remote-first environments.
• Experience with detections-as-code (Sigma) development and workflows.
• Domain experience with blockchain/Web3 threats.
• Open-source contributions to security-related projects.

All roles with Chainlink Labs are global and remote-based. Unless otherwise stated, we ask that you try to overlap some working hours with Eastern Standard Time (EST).
Commitment to Equal Opportunity
Responsibilities
• Lead detection engineering efforts and the infrastructure that powers it.
• Contribute to Threat Management’s shared operational duties in preventing, detecting, and mitigating security incidents.
• Design logging and alerting pipelines that collect and filter logs at scale.
• Build and deploy security-related tooling to gather new types of telemetry.
• Set standards for infrastructure use across the team.
• Collaborate with Eng/Infra teams to improve visibility and achieve shared security goals.
• Own detection engineering as a product, setting roadmaps and driving measurable outcomes.
• Establish team-wide standards: lead standardization of internal security tooling, infrastructure deployment strategy, and access methods.
• Proactively identify and implement areas for improvement and modernization in the organization's approach to cybersecurity.
• Shape EDR/SIEM (Endpoint Detection and Response / Security Information and Event Management) strategy as a key stakeholder in evaluations, migrations, and architecture decisions.
• Participate in the on-call rotation: writing, tuning, and triaging detections, and coordinating responses to security incidents.
Benefits
• Equity options are offered as part of the role's benefits.