Manychat
Manychat14h ago
New

Security Engineer

EngineeringSecurity Engineer
1 views0 saves0 applied

Quick Summary

Key Responsibilities

scoping, containment, evidence collection, root cause analysis, remediation support, and post-incident reviews. Develop and improve detection logic, correlation rules, alert tuning,

Requirements Summary

5+ years of hands-on experience in security operations, incident response, detection engineering, SOC, cloud security, or related technical security roles.

Technical Tools
EngineeringSecurity Engineer

We're looking for an Incident Detection & Response Engineer — a hands-on security professional who can strengthen Manychat’s ability to detect, investigate, and respond to security threats across cloud, application, identity, and endpoint environments.

Reporting to the Cyber Operations Lead, you’ll play a key role in building and operating our detection and response capabilities. You’ll work closely with Infrastructure, IT Operations, and Engineering teams to identify suspicious activity, investigate incidents, improve security monitoring, and help make our environment more resilient.

This role is ideal for someone who enjoys technical investigation, structured response, automation, and continuous improvement of detection logic, playbooks, and operational processes.

Responsibilities

~1 min read
  • Monitor, triage, and investigate security alerts across SIEM, EDR, email security, cloud security, identity, and application security tools.
  • Lead hands-on investigation of security events involving AWS, Okta, endpoints, SaaS platforms, infrastructure, and application logs.
  • Perform incident response activities: scoping, containment, evidence collection, root cause analysis, remediation support, and post-incident reviews.
  • Develop and improve detection logic, correlation rules, alert tuning, and use cases across cloud, identity, endpoint, and application layers.
  • Analyze logs and telemetry from sources such as AWS CloudTrail, GuardDuty, Security Hub, Okta, EDR, WAF, DNS, VPN, and business systems.
  • Create and maintain incident response playbooks, investigation runbooks, escalation procedures, and operational documentation.
  • Partner with Infrastructure, IT Operations, and Engineering teams to validate findings, remediate risks, and improve security controls.
  • Support vulnerability, misconfiguration, and threat investigations by correlating signals from multiple security tools.
  • Contribute to threat hunting activities based on known attacker techniques, suspicious behavioral patterns, and emerging threats.
  • Help improve visibility across cloud, endpoint, identity, and application environments.
  • Support security incident reporting, timelines, post-mortems, and lessons-learned documentation.
  • Contribute to compliance evidence and operational controls related to SOC 2 and ISO 27001 incident response requirements.
  • Help automate repetitive investigation and response tasks where practical.
  • 5+ years of hands-on experience in security operations, incident response, detection engineering, SOC, cloud security, or related technical security roles.
  • Practical experience investigating security alerts and incidents across cloud, identity, endpoint, and network/application layers.
  • Strong experience working with SIEM platforms, including log analysis, alert triage, rule tuning, and investigation workflows.
  • Hands-on experience with EDR tools and endpoint investigation across macOS and/or Windows environments.
  • Experience investigating identity-related events, ideally using Okta or a comparable IAM/SSO platform.
  • Solid understanding of common attacker techniques, MITRE ATT&CK, phishing, credential compromise, malware, lateral movement, and cloud misconfiguration risks.
  • Ability to perform structured incident response: scope the issue, identify impact, coordinate containment, support remediation, and document findings clearly.
  • Experience writing and maintaining incident response playbooks, detection logic, and investigation runbooks.
  • Strong analytical mindset with the ability to connect signals across different tools and data sources.
  • Good communication skills — able to explain technical findings, risk, and recommended actions clearly to both technical and non-technical stakeholders.
  • Fluent English communication skills, both written and verbal.
  • Experience with detection engineering and building SIEM correlation rules or detection-as-code workflows.
  • Understanding of AWS security services and logs, including CloudTrail, GuardDuty, Security Hub, IAM, and AWS Config.
  • Digital forensics experience, including endpoint evidence collection and timeline analysis.
  • Experience with WAF, DNS security, VPN, MDM, DAST/SAST, SCA, or secrets scanning tools.
  • Experience supporting SOC 2 and/or ISO 27001 compliance requirements in a SaaS environment.
  • Experience with scripting or automation using Python, Bash, Terraform, or SOAR-style workflows.
  • Security certifications such as GCIH, GCIA, GCFA, GNFA, CySA+, Security+, or similar.
  • Experience working in a fast-moving SaaS or product engineering environment.

What We Offer

~1 min read
  • 💙 Comprehensive health insurance for both you and your family.
  • 📚 Professional development budget for conference tickets, online courses, and other relevant resources to help you grow.
  • 🫶 Flexible benefits package: no one-size-fits-all perks here. You get a budget and you decide where it goes, from health and wellbeing to family and setting up your home office.
  • 🪴 Hybrid work and generous, flexible time off — planned with your team, not rationed by a rigid quota.
  • 🤝 Company-funded sport activities, annual offsites and team-building events.
  • 🤖 AI isn't a perk here — it's how we work. Claude, OpenAI, and more are on by default from day one, and we back teams in adopting whatever makes them faster.

Manychat is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual preference, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.

This commitment is also reflected through our candidate experience. If you have individual needs that may require an accommodation during the interview process, please indicate this in your application. We will do our best to provide assistance throughout your interview process to ensure you're set up for success.

With my application, I accept the Manychat Privacy Policy.

Location & Eligibility

Where is the job
Honduras
On-site within the country
Who can apply
HN

Listing Details

Posted
July 17, 2026
First seen
July 17, 2026
Last seen
July 18, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
67%
Scored at
July 17, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Manychat
Manychat
greenhouse

ManyChat is a global Chat Marketing platform that enables businesses to automate conversations and drive sales on messaging apps like Instagram, WhatsApp, and Facebook Messenger. Founded in 2015, it serves over a million businesses worldwide with its user-friendly chatbot builder and automation tools.

Employees
350
Founded
2015
View company profile
Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

ManychatSecurity Engineer