Senior Security Engineer, Detection and Response at Coalition | Powderkeg

Location: United States

Employment Type: Full-time

Team: Security

About Us

Founded in 2017, Coalition is on a mission to solve cyber risk and create a safer digital economy where everyone can thrive. Digital risk is now a part of every business and it’s no longer solely the domain of technical teams. That’s why we combined comprehensive insurance with proactive cybersecurity tools to help organizations stay resilient to digital risks like cyber attacks, funds transfer fraud and much more.

Our team works collaboratively across North America and Europe to prevent security failures and provide both technical and financial help when incidents do occur. Today, Coalition is the world’s largest commercial insurtech serving over 130,000 customers including many small businesses that rely on Coalition to help them chart a path forward in the new digital world.

As of September 2021, Coalition has raised $520 million from leading global technology investors as well as highly-regarded institutional investors including: Index Ventures, Ribbit Capital, Valor Ventures, Durable Capital, T. Rowe Price Advisors, and Whale Rock Capital, valuing the company at more than $3.5 billion.

Coalition has experienced tremendous growth by helping organizations of all sizes solve real-world problems and by remaining true to our founding values of character, humility, responsibility, authenticity and diversity. That’s why we are proud to be named one of Inc’s Best Places to Work in 2021.

About The Role

We are looking for a Senior Security Engineer (remote) to be a key leader in expanding Coalition’s internal security program. This role will serve as a full-spectrum security engineer with a strong focus on detection and response. Securing Coalition is essential to protecting our policyholders and achieving Coalition’s goals of solving cyber-security risk. The Infosec team leads the company-wide efforts to improve Coalition’s security posture in close collaboration with Product, Engineering, and IT.

This is an engineering role and you will be a key contributor to our roadmap while building innovative and scalable detection/response solutions. We’re targeted by the most capable adversaries and Infosec has excellent visibility and support from the entire company. You will use modern cloud technology stacks in both the production and corporate environment and influence major security technology decisions. The role will report to the Director of Security & Infrastructure under the Engineering department and partner with the IT, Security Engineering and Platform Engineering teams.


  • Provide expert experience building information security programs to include hands-on selection, implementation and/or assessment of security controls
  • Evaluate, test, implement, and operate endpoint, cloud, and network-based security tools to enhance Infosec’s monitoring of the technology environment
  • Respond to computer security incidents and/or collect, analyze and disseminate cyber threat intelligence
  • Hunt for threats by monitoring logs, behavioral data, and other data sources

Skills and Qualifications

  • 5 years of security engineering experience with a focus on attack detection and response, especially in macOS, AWS, and SaaS environments
  • 1+ years development experience
  • Bachelor’s degree in a technical discipline or equivalent work experience
  • Demonstrated expert understanding of the life cycle of network threats, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures
  • Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis or other areas of security operations
  • Expertise with security information and event management (SIEM) systems and writing high-signal, low-noise detections
  • Knowledge and operational use of major cloud technologies
  • Incorporates Cyber Threat Intelligence and Cyber Security Awareness concepts into programs as necessary to address risk from internal and external threats
  • Ability to communicate effectively to both technical and non-technical audiences: articulate security risk and mitigating controls to management. Empathetic and proactive in supporting business needs.
  • Knowledge of programming and scripting for development of security tools and industry frameworks is helpful

Bonus Points

  • Knowledge of tiered operational support involving all aspects of the monitoring, response and triage of cybersecurity events
  • Experience with SOAR platforms (Demisto, Phantom, etc.)
  • Experience with MITRE ATT&CK framework, and ability to adapt these adversary techniques, tactics, and procedures to IDS and SIEM rules
  • Experience with vulnerability scanning and management tooling, such as Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, or other offensive tools

Why Coalition?

Coalition's culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.

Coalition Engineering

Our culture is one of character, humility, responsibility, purpose, and authenticity. We are growing rapidly and that growth is enabled by strong teamwork, communication, and mentorship. We want people who are passionate about becoming experts in both the business and the technologies that support it. Our core platform is written mostly in Python with some services in Java and Go. We prefer to use the right tool for the job and make pragmatic decisions about how to scale and de-couple systems as we continue to grow. We’re looking for someone who can navigate a cloud environment (AWS) with many moving pieces and systems to help the team understand how they fit into the broader puzzle.

**Recent press releases:**

[Coalition Closes $205 Million Series E, Valuing the Cyber Insurance Provider At More Than $3.5 Billion]( funding-and-over-3-5-billion-valuation/)

Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.


Job Summary
  • Job Title
    Senior Security Engineer, Detection and Response
  • Company
  • Location
    San Francisco, CA
  • Employment Type
    Full time