Senior Security Engineer- Incident Response

Sigma is seeking a Senior Security Engineer  to join our growing Cyber Security team. As a Senior Security Engineer, you will advance Sigma's Security strategy by shaping and evolving security architecture in alignment with business objectives. As a Senior Engineer, you will be focused on our Cloud/SaaS Security, designing, building, and maturing Sigma incident detection and response program. You will be responsible for creating and implementing strategies to identify, analyze, contain, eradicate, and recover from security incidents effectively. This role requires a blend of hands-on technical expertise, strategic program development, and strong cross-functional collaboration. 

We are looking for a builder and defender—someone who thrives in complex cloud-native environments, embraces automation ("let the robots do the work"), and has the strong vision to scale cloud security and incident response for a fast-moving SaaS company. If you are passionate about staying ahead of attackers, crafting innovative detections, and building resilient cloud defenses, we want to hear from you.

• Build, mature, and operate a robust incident detection and response program, encompassing people, processes, and technology.
• Provide expertise and guidance during critical security events, acting as a technical SME and primary point of contact to senior management.
• Develop and implement advanced detection methodologies, rules, and alerts to identify sophisticated threats rapidly.
• Manage the full lifecycle of security incidents, from initial detection and triage to containment, eradication, recovery, and thorough post-incident review.
• Architect and implement security automation solutions to streamline incident response workflows, enrich alerts, and facilitate faster remediation.
• Work with cross functional teams internal stakeholders like Legal, VP Security, Executive teams and External  IR retainer in case of high severity Incidents impacting customers.
• Collaborate closely with engineering, operations, and product teams to integrate security best practices, enhance logging, and ensure swift remediation of vulnerabilities identified during incidents.
• Document incident findings, lessons learned, and contribute to the development of actionable intelligence to prevent future occurrences.
• Drive advance threat hunting and forensics uncover malicious activity through proactive hunts, network forensics, and cloud/host-based investigations.
• Design, implement, and continuously improve Sigma Cloud Security in all  environments - AWS, GCP, Azure.
• Enhance Vulnerability management – identify, prioritize, and guide remediation of risks across cloud infrastructure and applications.
• Advance Cloud and network security – build standards and protections to defend workloads, identities, Sigma services and data.
• Develop and mature IR runbooks, playbooks, and automations to scale security response across environments.
• Use AI securely and effectively to make the team efficient and scale Security Practices.
• Stay ahead of evolving threats – leverage intelligence, attack simulation, and red/blue team learnings to refine defenses.
  
  

• Bachelor's or Master Degree in Computer Science, Cyber Security or related fields.
• Relevant certifications such as GCIH, GCFA, GNFA, CISSP, CCSP, or AWS Security Specialty.
• Proven ability to produce high-quality results in a fast-paced SaaS environment or similar large scale environment.
• 6+ years of hands-on experience in Security Engineering, Cloud Security, Incident Response with a strong focus on Cloud Security & Incident Response – including host/cloud forensics, threat hunting, detection engineering in SaaS or Cloud first Organizations.
• Strong proficiency in scripting languages (e.g., Python, Go, PowerShell) for automation, data analysis, and security tooling development.
• Demonstrated experience building, maturing, and scaling incident response programs, including detection engineering, playbook development, and conducting incident post-mortems in large scale environments.
• Strong experience working as Incident Responder and Manager to address critical business and customer security Incidents. 
• Good understanding and proven knowledge of AWS, GCP, or Azure environments; Kubernetes, Terraform, or other IaC.
• Deep Hands-on knowledge on security tooling across SIEM, EDR, CNAAP, WAF, CASB,DSPM, CSPM.
• Solid understanding of threat intelligence frameworks, attacker techniques (MITRE ATT&CK), and detection use cases.
  
  

At Sigma, security is at the core of our mission. We power insights and innovation for our customers, and protecting their data is our highest priority. As a Senior Security Engineer, you will have the autonomy to shape our Cyber Security strategy, access to cutting-edge technologies, and the opportunity to solve real problems at scale.

Join us and be part of a security team that values collaboration, innovation, and resilience—while giving you the room to grow, lead, and leave your mark on Sigma's security journey.

Sigma is the only cloud analytics and business intelligence tool empowering business teams to break free from the confines of the dashboard, explore data for themselves, and make better, faster decisions. The award-winning software was built to capitalize on the performance power of cloud data warehouses to combine data sources and analyze billions of rows of data instantly via an intuitive, spreadsheet-like interface – no coding required.

Since launching with its unique interface, Sigma Computing has added features such as collaboration tools and embedded analytics capabilities. The most recent product launch included a set of AI tools such as forecasting capabilities, an AI copilot and a notebook interface for users who prefer a code-first environment.

Sigma announced its $200M in Series D financing in May 2024, to continue transforming BI through its innovations in AI infrastructure, data application development, enterprise-wide collaboration, and business user adoption. Spark Capital and Avenir Growth Capital co-led the Series D funding round, with additional participation from a group of past investors including Snowflake Ventures and Sutter Hill Ventures.The Series D funding, raised at a valuation 60% higher than the company's Series C round three years ago, promises to further accelerate Sigma's growth.   

Come join us

• Equity
• Generous health benefits
• Flexible time off policy. Take the time off you need
• Paid bonding time for all new parents
• Traditional and Roth 401k
• Commuter and FSA benefits
• Lunch Program
• Dog friendly office

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.

Note: We have an in-office work environment in all our offices in SF, NYC, and London.