We’re looking for a Senior Threat Detection & Intelligence Engineer to help us understand how adversaries operate, detect meaningful threats early, and lead investigations when it matters most. This role sits at the intersection of threat intelligence, detection engineering, and incident investigation with an engineering-first mindset.
If you enjoy turning messy signals into clear attacker narratives, this role is for you.
The Cloud Security & Detection & Response (CSDR) team protects Miro by staying ahead of credible threats. We focus on:
Translating external threat intelligence into actionable detections
Building custom, high-fidelity detections for cloud and SaaS environments
Leading complex investigations and incident response
Partnering with engineering to drive security by design
We care about context, signal quality, and attacker intent not alert volume.
Track emerging threats, attacker techniques, and campaigns relevant to cloud and SaaS
Turn threat intelligence into practical detection strategies and attack hypotheses
Design and maintain context-aware detections across cloud, identity, and application layers
Lead deep investigations, from first signal to root cause and remediation
Act as a technical lead during security incidents, guiding response and decision-making
Analyze detection and investigation trends to improve preventative controls
Partner with engineering teams to raise security maturity across the organization
This role is a great fit if you:
Think in attacker TTPs, not just alerts or dashboards
Enjoy investigating ambiguous signals and turning them into clear conclusions
Have experience in threat intelligence, threat hunting, or security investigations
Care about why something is happening, not just what fired
Want to build detection programs that evolve with the threat landscape
Are comfortable explaining technical risk in business terms
This role is not a fit if you’re mainly focused on compliance, policy writing, or managing vendors.
5–7 years in security, with 2+ years in threat detection, threat intelligence, or investigations
Experience in cloud-native SaaS environments (AWS strongly preferred)
Strong investigation skills and ability to analyze attacker behavior
Experience using threat intelligence to inform detection and response
Proficiency in Python and comfort automating security workflows
Experience querying large datasets (SQL or similar)
Familiarity with cloud security telemetry, logging, and detection platforms
Solid understanding of incident response and digital forensics
Experience with Infrastructure as Code (Terraform or similar)
You’ll help define how threat intelligence is used, not just consume it
You’ll work on real attacker behavior, not checkbox security
You’ll have room to build, experiment, and improve detection capabilities
You’ll partner closely with engineers who value security as an engineering problem
Competitive salary + equity
401(k) with matching
Excellent Medical, Dental & Vision coverage
Fertility & family-forming benefits
Flexible time off
Lunch, snacks, and drinks in the office
Wellbeing stipend + WFH equipment allowance
Annual learning & development budget
Up to $2,000/year in charitable donation matching
The reasonably estimated salary range is specific to Austin and may not be applicable to other locations. The range for this role is $150.000 to $170.000. Final compensation and total package components will be based on individual factors such as the candidate's skills, qualifications, and experience.
Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 100M users and 250,000 companies collaborate in the Innovation Workspace. Miro was founded in 2011 and currently has more than 1,600 employees in 13 hubs around the world.
We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!
Check out more about life at Miro:
At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.
Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here.
Miro is an online, visual collaboration platform designed to unlock creativity and accelerate innovation among teams of all kinds. The platform’s infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, ...
Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!
Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.
Engineer Q&A's