Senior Threat Detection Engineer - Intelligence
InVisionApp·Accel (Getro)
Alió, SpainPosted Jul 2, 2026
ApplyHomeOpen positionsVacancySenior Threat Detection Engineer - IntelligenceDepartment: EngineeringLocations: AustinJob Requisition ID: JR001119Apply nowWe’re looking for a Senior Threat Detection & Intelligence Engineer to help us understand how adversaries operate, detect meaningful threats early, and lead investigations when it matters most. This role sits at the intersection of threat intelligence, detection engineering, and incident investigation with an engineering-first mindset.If you enjoy turning messy signals into clear attacker narratives, this role is for you.About the TeamThe Cloud Security & Detection & Response (CSDR) team protects Miro by staying ahead of credible threats. We focus on:Translating external threat intelligence into actionable detectionsBuilding custom, high-fidelity detections for cloud and SaaS environmentsLeading complex investigations and incident responsePartnering with engineering to drive security by designWe care about context, signal quality, and attacker intent not alert volume.What You’ll DoTrack emerging threats, attacker techniques, and campaigns relevant to cloud and SaaSTurn threat intelligence into practical detection strategies and attack hypothesesDesign and maintain context-aware detections across cloud, identity, and application layersLead deep investigations, from first signal to root cause and remediationAct as a technical lead during security incidents, guiding response and decision-makingAnalyze detection and investigation trends to improve preventative controlsPartner with engineering teams to raise security maturity across the organizationWho This Role Is ForThis role is a great fit if you:Think in attacker TTPs, not just alerts or dashboardsEnjoy investigating ambiguous signals and turning them into clear conclusionsHave experience in threat intelligence, threat hunting, or security investigationsCare about why something is happening, not just what firedWant to build detection programs that evolve with the threat landscapeAre comfortable explaining technical risk in business termsThis role is not a fit if you’re mainly focused on compliance, policy writing, or managing vendors.What We’re Looking For5–7 years in security, with 2+ years in threat detection, threat intelligence, or investigationsExperience in cloud-native SaaS environments (AWS strongly preferred)Strong investigation skills and ability to analyze attacker behaviorExperience using threat intelligence to inform detection and responseProficiency in Python and comfort automating security workflowsExperience querying large datasets (SQL or similar)Familiarity with cloud security telemetry, logging, and detection platformsSolid understanding of incident response and digital forensicsExperience with Infrastructure as Code (Terraform or similar)Why You’ll Love This RoleYou’ll help define how threat intelligence is used, not just consume itYou’ll work on real attacker behavior, not checkbox securityYou’ll have room to build, experiment, and improve detection capabilitiesYou’ll partner closely with engineers who value security as an engineering problemWhat's in it for youWe want you to feel supported, connected, and ready to grow. Our global benefits package generally includes equity, a wellbeing benefit, a WFH equipment allowance, and an annual Learning & Development stipend. Join a diverse team where you can do your best work. Full benefits may differ per location. If you would like to learn more about location-specific benefits, please refer to our Global Miro benefits board.Recruiter: #LI-MH1About Miro
Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 100M users and 250,000 companies collaborate in the Innovation Workspace. Miro was founded in 2011 and...