Threat Response Expert

We're Vega! One of the fastest growing start-ups in Cybersecurity - redefining the limits of Security Analytics and Operations.

We've raised a $65M Series A from Cyberstarts, Accel, Redpoint and CRV, to build a platform that will become the new AI-Native operating system for the SOC. We're already making a huge impact on some of the world's largest companies - improving their detection, unlocking their data and saving them money. Want to join us and be a part of the journey? This is your chance!

We're looking for a Threat Response Expert to join our team and shape the future of threat detection. In this role, you'll be at the forefront of identifying and analyzing emerging threats, helping to shape the features of our Threat Detection platform. You'll be crafting detection logic and hunting strategies that enable security teams to identify and respond to advanced threats across their entire environment.

What You Will Do

• Work directly with customers to help them solve concrete security pain points and operational use cases using Vega, primarily during POVs and onboarding.
• Perform advanced threat hunting across customer datasets to identify meaningful security findings, including compromise evidence, exploitation indications, suspicious activities, and visibility or posture gaps.
• Build and evolve internal tools and AI-powered capabilities that support threat hunting, anomaly detection, and exploratory analysis.
• Translate immediate customer security needs into ad-hoc security content, including detections, threat hunting notebooks, and investigative workflows.
• Participate in customer-facing sessions alongside Sales Engineers and Technical Account Managers to present findings, explain security context, and walk through Vega’s capabilities and content.
• Deliver technical demonstrations, workshops, trainings, and hands-on sessions that show customers how to use Vega for their security workflows.
• Research emerging threats, including new CVEs and active campaigns, in collaboration with the CTI team, and translate them into immediate detections and threat hunting content.
• Publish public-facing technical content on threat hunting and SecOps, including blog posts, webinars, open-source tools, and research findings.
  
  

• At least 6 years of hands-on experience in security operations, threat hunting, incident response, or detection engineering, working with real production data.
• Strong hands-on experience investigating security events, performing advanced threat hunting, and identifying meaningful findings.
• Deep familiarity with common attack techniques, attacker behavior, and modern threat landscapes across endpoint, identity, network, cloud, and application environments.
• Comprehensive knowledge of security controls and security architectures across cloud, network, identity, application, and endpoint environments.
• Experience working with large-scale security datasets and performing exploratory analysis, anomaly detection, and investigative research.
• Ability to write efficient, readable code and scripts for analysis, automation, and internal tooling used by the team.
• Comfort working directly with customers in technical discussions, explaining findings, tradeoffs, and investigative approaches clearly and practically.
• Experience collaborating with product, engineering, or research teams to influence tooling, workflows, and platform capabilities.
• Strong written communication skills, with the ability to produce clear technical documentation and public-facing content when needed.
• Excellent English communication skills, both written and verbal.
• Curiosity and initiative to research emerging threats, new techniques, and evolving attacker behavior, and apply that research in practice.