# Sr Security Operations Engineer, Detection and Response

* Remote from: [UK](https://jobicy.com/job-region/uk.md), [Canada](https://jobicy.com/job-region/canada.md)
* Annual salary: Undisclosed. Salary information is not provided for this position. Check our [Salary Directory](https://jobicy.com/salaries.md) to estimate the average compensation for similar roles.
* Department: [Cybersecurity](https://jobicy.com/categories/cybersecurity.md)
* Employment type: Full Time
* Job posted: 10 Jun 2026
* Apply before: 10 Jul 2026
* Experience level: Senior
* Views / Applies: 3048 / 790

About [Fortis Games](https://jobicy.com/company/fortis-games.md)

Fortis Games is a game development studio focused on creating immersive gaming experiences.

* [Computer Games](https://jobicy.com/company-category/computer-games.md)
* 2021

Actively Hiring. Verified job posting: this job post has been [manually reviewed](https://jobicy.com/tools/help-center/employee/how-does-jobicy-verify-the-legitimacy-of-remote-job-listings.md) for authenticity and compliance.


###  AI Summary

Fortis Games is seeking a Senior Security Operations Engineer to build and mature their security operations capability. This hands-on role involves designing detections, improving SIEM/EDR workflows, and leading incident response across corporate, cloud, and game development environments. The ideal candidate has a builder mindset, enjoys startup-style ownership, and can spend about 20% of their time on GRC activities. The role requires participation in a weekend-inclusive schedule to ensure continuous coverage. This is a senior position for someone with deep technical expertise in security operations and detection engineering.

### Role DNA

* Job Complexity: Easy to Hard
* Pace & Pressure: Relaxed to Fast-paced
* Autonomy Level: Guided to Full Ownership
* Communication Load: Independent to Highly Collaborative

AI Insight: This role demands senior-level expertise in security operations, detection engineering, and incident response, along with the ability to handle GRC tasks, making it highly challenging.

### Salary Analysis

Median market rate: $155,000 (US market, $120k – 200k).

AI Insight: The salary for this position was not provided, but based on market data for a Senior Security Operations Engineer in the US, the median is approximately $155,000. The typical range for this role is $120,000 to $200,000, depending on experience and location. The offered salary is likely competitive given the seniority and specialized skills required.

### Core Skills Required

[Detection Engineering](https://jobicy.com/jobs?search_keywords=Detection+Engineering.md) [Incident Response](https://jobicy.com/jobs?search_keywords=Incident+Response.md) [SIEM](https://jobicy.com/jobs?search_keywords=SIEM.md) [EDR](https://jobicy.com/jobs?search_keywords=EDR.md) [CrowdStrike Falcon](https://jobicy.com/jobs?search_keywords=CrowdStrike+Falcon.md) [AWS Security](https://jobicy.com/jobs?search_keywords=AWS+Security.md) [Python](https://jobicy.com/jobs?search_keywords=Python.md) [Security Automation](https://jobicy.com/jobs?search_keywords=Security+Automation.md) [Threat Intelligence](https://jobicy.com/jobs?search_keywords=Threat+Intelligence.md) [Deception Technology](https://jobicy.com/jobs?search_keywords=Deception+Technology.md)

### Cover Letter Sample

Dear Hiring Manager,

I am writing to express my interest in the Senior Security Operations Engineer position at Fortis Games. With over 6 years of experience in security operations and detection engineering, I have a proven track record of building and maturing security capabilities in fast-paced environments. My expertise includes designing detection-as-code pipelines, leading incident response, and integrating security into cloud and game development ecosystems.

I am particularly drawn to Fortis Games' mission of creating inclusive gaming communities and your team-first culture. In my previous role, I successfully implemented SIEM improvements and reduced detection latency by 40%, while also supporting GRC activities to ensure audit readiness. I thrive in roles that require a builder mindset and full ownership of security outcomes.

I look forward to the opportunity to contribute to your team and help secure Fortis Games' innovative products.

Sincerely, [Your Name]


### Sample Interview Questions

Describe a time you built a detection from scratch. What was the process and how did you validate it?

I once built a detection for suspicious PowerShell usage in our AWS environment. I started by researching common attacker techniques using MITRE ATT&CK, then I wrote detection logic in our SIEM using KQL. I tested the detection against historical data and created a test environment to simulate the behavior. After validation, I deployed it via our detection-as-code pipeline and established a peer review process. Post-launch, I monitored the alert rate and tuned it to reduce false positives.

How do you handle a high-severity incident that occurs outside of business hours?

I follow our incident response playbook, which includes initial triage using our monitoring tools. I assess the severity and impact, then initiate containment steps like isolating affected hosts or revoking compromised credentials. I communicate with the on-call team through our established channels and document every step. After containment, I ensure evidence is preserved for further analysis and provide a preliminary report. The incident is then handed over to the day team for deeper investigation.

Explain how you would implement detection-as-code in a security operations environment.

I would set up a git repository for detection logic, using a branching strategy for development and production. Each detection would be written as code (e.g., YAML or Python) with metadata like severity, MITRE technique, and data sources. I'd integrate with a CI/CD pipeline that runs linting and testing against a test SIEM environment. Peer reviews would be mandatory before merging. Deployment would be automated using tools like Ansible or Terraform to push detections to production SIEM/EDR systems.

What are the key considerations when designing deception capabilities for a cloud environment?

Key considerations include placing decoys in realistic but low-traffic areas to avoid alert fatigue, using canary tokens that mimic real credentials or API keys, and ensuring decoys are isolated to prevent lateral movement. I would also monitor interactions with decoys to gather threat intelligence. It's important to have a clear response plan when a decoy is triggered, as it indicates a malicious actor. Additionally, regular maintenance is needed to keep decoys relevant and avoid them being detected by adversaries.

How do you balance the need for security visibility with performance and cost in a cloud environment?

I prioritize logging based on risk and compliance requirements, using services like AWS CloudTrail, VPC Flow Logs, and GuardDuty. I implement log sampling for high-volume sources and set up alerting thresholds to avoid noise. For cost, I use centralized log storage with tiered retention policies, and I regularly review logs to disable unnecessary ones. I also leverage cloud-native tools that are cost-effective, like AWS Security Hub, and use automation to aggregate and correlate logs efficiently.

Who we are
At Fortis Games we aspire to make great games that bring people together while redefining how game companies work. We believe in building a sense of belonging through our games, their communities, and how we operate and treat each other. Through our game communities, we will create powerful connections and lasting memories. We will foster a culture of diversity, equity and belonging where together our diverse skills, experiences and backgrounds impact the games we make.
We are an early but mighty organization with a leadership team of game industry veterans. There are many opportunities for you to have a big impact on the products we’ll be making as well as the overall direction of the company. If you’re passionate about tackling difficult problems with direct and thoughtful communication and a team-first mentality, we may be the right place for you.

## About the Role

Fortis Games is looking for a Senior Security Operations Engineer, Detection and Response to help build and mature our security operations capability. This is a senior, hands-on role for someone who understands SOC requirements at a high engineering level and can turn attacker behavior, telemetry, and operational risk into reliable detections, response workflows, and measurable security improvements.

You will own and improve the systems we use to detect, investigate, and respond to threats across our corporate, cloud, identity, endpoint, and game development environments. You will build and maintain detection logic, improve SIEM and EDR workflows, develop detection-as-code practices, and use deception techniques to create high-signal visibility into suspicious activity.

This role is ideal for someone who has a builder mindset, enjoys startup-style ownership, and wants to create practical security capability in a fast-moving environment. This is not primarily a GRC role; however, you should be comfortable spending approximately 20% of your time supporting audit readiness, control evidence, third-party reviews, policy documentation, and related governance activities where technical security judgment is required.

This role requires participation in a weekend-inclusive schedule to support continuous security operations coverage across time zones.

## What You’ll Achieve

* Design, implement, test, and tune detections across endpoint, identity, cloud, SaaS, network, and application telemetry.
* Build detection-as-code practices using version control, testing, peer review, documentation, and repeatable deployment methods.
* Improve SIEM and security telemetry pipelines, including log ingestion, parsing, enrichment, correlation logic, alert routing, and case management workflows.
* Design and operate practical deception capabilities such as canary tokens, decoy accounts, honey assets, and other high-signal tripwires.
* Lead and support incident response investigations: perform severity triage, coordinate containment and remediation, and produce clear post-incident findings.
* Work closely with IT, infrastructure, engineering, and game development teams to improve security visibility and response readiness across the environment.
* Support selected GRC activities including audit evidence collection, technical control documentation, third-party risk input, and policy or SOP documentation (approximately 20% of time).

## What You’ll Need to Be Successful

* 6+ years of experience in security operations, detection engineering, incident response, or a similar hands-on technical security role.
* Strong experience writing, tuning, validating, and maintaining detections in SIEM, EDR, cloud, identity, or SaaS environments.
* Hands-on experience with SIEM platforms and EDR tools such as CrowdStrike Falcon or comparable technology.
* Practical AWS security knowledge including IAM, CloudTrail, GuardDuty, VPC flow logs, S3, and cloud-native detection opportunities.
* Ability to script or automate security workflows using Python, Bash, PowerShell, SQL, or similar tools.
* Working knowledge of audit evidence, control documentation, third-party reviews, policies, standards, and security frameworks.
* Ability to work a weekend-inclusive schedule to support continuous security operations coverage.
* Experience in gaming, entertainment, SaaS, or lean cloud-native security teams strongly preferred.
* BONUS! Experience with threat hunting, adversary emulation, SOAR or workflow automation, deception technologies, security data engineering, or security metrics would be valuable. Certifications such as CISSP, CISM, GCIA, GCIH, GCFA, GNFA, GCTI, or OSCP are welcome, but are not a replacement for hands-on technical judgment.

Why join us
There are many reasons to join us, but here are a few:

* We strongly believe we are changing how game studios operate, and at the core of what we do is making great games that create a connected community.
* We’re not just about making Games Where You Belong. We’re also about building communities where our people belong. That’s why Fortis is a thriving environment that celebrates diversity, embraces inclusivity, and fosters growth.
* Build and grow with a seasoned team of accomplished talent who have left an impactful mark in their disciplines, both in and out of gaming

Fortis is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.


[Apply now >](https://jobicy.com/jobs/145947-sr-security-operations-engineer-detection-and-response.md)


This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.
