Bastion is seeking a Detection & Response Security Engineer to join their security team as the second member.
The role involves building the foundation for incident response and threat detection programs.
Responsibilities include developing and tuning log-based detections across AWS infrastructure, application stack, and CI/CD pipelines using tools like CloudTrail and GuardDuty.
The engineer will define detection coverage goals and lead threat modeling efforts across systems and services.
The position requires building and maintaining incident response playbooks and participating in real-world incident investigations.
The engineer will also educate Bastion employees on secure engineering and operational practices through tailored trainings and documentation.
Integration of security best practices into Bastion’s infrastructure-as-code and CI/CD workflows is essential to reduce risk by design.
Requirements:
A Bachelor’s degree in Computer Engineering or a related field is required.
Candidates must have 3+ years of experience in a Detection & Response or Security Operations role, preferably in a high-growth or startup environment.
Proficiency in writing and tuning detections using log-based monitoring platforms such as Datadog, Panther, or custom pipelines is necessary.
Hands-on experience with AWS security architecture and services, including CloudTrail, IAM, Security Hub, and KMS, is required.
Strong scripting or software development skills in at least one language, such as Python, Go, Rust, or TypeScript, are essential.
Experience participating in or leading incident response investigations and postmortems is a must.
Benefits:
Bastion offers equal employment opportunities to all employees and applicants, ensuring a discrimination-free workplace.
The company participates in E-Verify to verify employment eligibility in the United States.
Employees can expect a supportive environment that fosters genuine connections and promotes teamwork.
Bastion encourages a continuous improvement mindset, providing opportunities for growth and new challenges in the evolving field of web3.