Help minimize security risks by leading threat detection efforts and incident investigations within a high-performing team, employing actionable intelligence to improve safety protocols.
We’re looking for a Senior Threat Detection & Intelligence Engineer to help us understand how adversaries operate, detect meaningful threats early, and lead investigations when it matters most. This role sits at the intersection of threat intelligence, detection engineering, and incident investigation with an engineering-first mindset.
If you enjoy turning messy signals into clear attacker narratives, this role is for you.
The Cloud Security & Detection & Response (CSDR) team protects Miro by staying ahead of credible threats. We focus on:
Translating external threat intelligence into actionable detections
Building custom, high-fidelity detections for cloud and SaaS environments
Leading complex investigations and incident response
Partnering with engineering to drive security by design
We care about context, signal quality, and attacker intent not alert volume.
Track emerging threats, attacker techniques, and campaigns relevant to cloud and SaaS
Turn threat intelligence into practical detection strategies and attack hypotheses
Design and maintain context-aware detections across cloud, identity, and application layers
Lead deep investigations, from first signal to root cause and remediation
Act as a technical lead during security incidents, guiding response and decision-making
Analyze detection and investigation trends to improve preventative controls
Partner with engineering teams to raise security maturity across the organization
This role is a great fit if you:
Think in attacker TTPs, not just alerts or dashboards
Enjoy investigating ambiguous signals and turning them into clear conclusions
Have experience in threat intelligence, threat hunting, or security investigations
Care about why something is happening, not just what fired
Want to build detection programs that evolve with the threat landscape
Are comfortable explaining technical risk in business terms
This role is not a fit if you’re mainly focused on compliance, policy writing, or managing vendors.
5–7 years in security, with 2+ years in threat detection, threat intelligence, or investigations
Experience in cloud-native SaaS environments (AWS strongly preferred)
Strong investigation skills and ability to analyze attacker behavior
Experience using threat intelligence to inform detection and response
Proficiency in Python and comfort automating security workflows
Experience querying large datasets (SQL or similar)
Familiarity with cloud security telemetry, logging, and detection platforms
Solid understanding of incident response and digital forensics
Experience with Infrastructure as Code (Terraform or similar)
You’ll help define how threat intelligence is used, not just consume it
You’ll work on real attacker behavior, not checkbox security
You’ll have room to build, experiment, and improve detection capabilities
You’ll partner closely with engineers who value security as an engineering problem
We want you to feel supported, connected, and ready to grow. Our global benefits package generally includes equity, a wellbeing benefit, a WFH equipment allowance, and an annual Learning & Development stipend. Join a diverse team where you can do your best work. Full benefits may differ per location. If you would like to learn more about location-specific benefits, please refer to our Global Miro benefits board.
Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 100M users and 250,000 companies collaborate in the Innovation Workspace. Miro was founded in 2011 and currently has more than 1,600 employees in 13 hubs around the world.
We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!
Check out more about life at Miro:
At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.
Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here.
Flexible Work Hours
Flexible time off
Free Meals & Snacks
Lunch, snacks, and drinks in the office
Health Insurance
Excellent Medical, Dental & Vision coverage
Learning Budget
Annual learning & development budget
Charitable donation matching
Up to $2,000/year in charitable donation matching
Wellness Stipend
Wellbeing stipend + WFH equipment allowance
Miro is a visual workspace platform designed to enhance collaboration and drive innovation among distributed teams. With its infinite canvas, Miro enables users to conduct engaging workshops, brainstorm ideas, and design products, making it an essential tool for over 100 million users and 250,000 companies across various industries.
Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!
Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.
Engineer Q&A's