Senior Security Engineer, Automated Detection & Response
Confirmed live in the last 24 hours
Caribou
Compensation
compensation: $154 - 193K
Job Description
At Caribou, we care about giving people financial freedom so they can focus on what’s most important to them. Today, less than two percent of Americans refinance their auto loans despite drastic increases in the cost of new and used cars. We see huge potential to help folks reduce their monthly auto expenses, as well as increase the predictability of those expenses over time. We do this by building technology to pair customers with community banks and credit unions, and ushering them through the process quickly. On average, our drivers save $159/month on their car loans while protecting their investment long term.
Caribou is led by leaders from the technology, automotive, and finance industries. We’re proud to be backed by a great team of investors, including QED Investors, Goldman Sachs, Moderne Ventures, Accomplice, Link Ventures, Motley Fool Ventures and others.
About the Role
Caribou Technology / Security Team
You'll build internal SecOps that actually understands our business. You will design and lead an AI-assisted detection pipeline, automating repetitive investigation work so you can focus on context: what's normal here, what systems matter most, and what threats actually target fintech companies like us. We're looking for someone who sees past the AI hype and uses these tools to achieve real outcomes. We practice Honest Security: transparency and partnership with employees, not surveillance.
You'll join a small, senior security team and collaborate across engineering and the business to understand our environment and contextualize defense.
Outcomes:
- Maintain strong security posture by leading SOC investigations, threat hunting, and incident response
- Improve MTTD and MTTR in Year 1 by designing and building AI-assisted triage automation and reducing manual effort
- Cut false positive rate and improve threat visibility by injecting business context into detection logic
- Identify adversaries who bypass automated detection through proactive threat hunting
- Build cross-functional relationships to understand our customers, products, and processes
This role may work remotely from a state where Caribou operates, with preference for the Denver, CO market. Alternatively, this role can be based out of our Caribou office in Denver, CO.
Interview Roadmap
- Recruiter phone interview (30 mins)
- At-home Python coding assessment (60 mins, AI code assist IDE)
- Hiring Manager video interview (45 mins)
- Final interview loop (combined ~4 hrs scheduled across 1-4 business days):
- SOC Fundamentals Interview (45 mins)
- Security Breadth & Culture Interview (60 mins)
- Technical Security / EDR Investigation Interview (60 mins)
- AI & Automation Architecture Interview (60 mins)
What We Look For
You don't need to check every box. If you bring most of these and are excited to grow into the rest, we want to hear from you.
- SOC experience: Alert triage, investigations, and incident response in a regulated environment (fintech, healthcare, etc.)
- SIEM proficiency: Strong experience with at least one major platform; you write detection rules, not just consume dashboards
- EDR investigation experience: You've used an EDR platform for real investigations, not just reviewed dashboards
- Builder track record: You've automated security workflows and reduced manual toil, including building with AI tools to achieve real outcomes
- Cloud & automation: Experience defending cloud environments (GCP, AWS, Azure) and building automation in at least one language
- Honest Security alignment: You believe security teams should partner with employees, not surveil them
Nice to have: GCP SecOps/Chronicle, CrowdStrike, Python, prior fintech experience