Expert Detection and Response Engineer (Remote)

 Posted 2 hours ago
     
 $124K - $229K per year
  
10+ years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

The role focuses on detecting, investigating, and responding to advanced cyber threats across cloud, corporate, and production environments. It involves developing threat detections in SIEM and building AI/LLM-assisted triage workflows to improve security operations efficiency.

Job Title:

Expert Detection and Response Engineer (Remote)

Requisition ID:

R027801

Job Description:

Role Overview

Activision is seeking an Expert Detection and Response Engineer to help protect our players, studios, platforms, and enterprise environments from advanced cyber threats. As part of our Global Security Operations organization, this role is responsible for actively identifying, investigating, and responding to security threats. This role is highly hands-on and focuses on real-world attacker behavior, rapid analysis, and effective containment.

Responsibilities

  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments as a hands‑on member of the TDIR team.
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity, unauthorized access, and emerging threats, including targeted attacks and advanced adversaries.
  • Perform alert triage, in‑depth investigation, and forensic analysis across the full incident lifecycle, from identification through containment, remediation, and post‑incident review.
  • Execute endpoint, identity, cloud, and malware investigations, including timeline reconstruction, indicator extraction, and root cause analysis.
  • Develop, refine, and tune threat detections within the SIEM based on real‑world attacker behavior and investigation findings.
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics.
  • Design, build, or operate AI/LLM-assisted triage and enrichment workflows (e.g., agentic pipelines integrated with case management platforms) to accelerate investigation and reduce analyst toil.
  • Evaluate and harden AI-assisted security tooling against adversarial input, including prompt injection and verdict-poisoning risks introduced via analyzed artifacts, applying schema-constrained or otherwise bounded output design rather than relying solely on input-side filtering.
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics.
  • Collaborate closely with engineering teams, business stakeholders, and vendors during active investigations and response efforts.
  • Participate in an on‑call rotation and provide off‑hours support for critical incidents and material security events.
  • Communicate investigation findings clearly and effectively to technical teams and leadership.
  • Occasional travel (up to approximately 10%) may be required to support studios or on-site incident response.

Required Qualifications

  • Bachelor’s degree in computer science, Information Security, or equivalent practical experience. 10+ years of progressively accountable security experience, with a demonstrated track record of independent, expert-level judgment in incident response.
  • Hands‑on experience in threat detection, security operations, and incident response, with active involvement across the full incident lifecycle.
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures.
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments.
  • Experience performing detailed log analysis, correlation, and investigative triage.
  • Strong written and verbal communication skills, with the ability to clearly articulate incident findings and response actions.
  • Ability to work independently and collaboratively within the TDIR team and with technical and business stakeholders.
  • Willingness to participate in an on‑call rotation and provide off‑hours support for critical security incidents.
  • Hands-on experience with security monitoring platforms such as SIEM and EDR, including building or significantly extending detection content (not solely tuning existing rules).
  • Scripting or programming experience (e.g., Python, PowerShell, KQL) to support detection, investigation, or response automation.
  • Strong host- and network-based forensic skills, including timeline reconstruction and root cause analysis.
  • Working knowledge of how LLMs are applied to security operations (alert enrichment, auto-triage, summarization) and the failure modes specific to that application, such as hallucinated verdicts, injection via log or artifact content, and over-trust in model output.
  • Fluency in English.

Preferred Qualifications

  • 12+ years of relevant IT and security experience, including prior leadership or mentorship of less-senior analysts.
  • Hands‑on malware analysis experience using static and dynamic techniques.
  • Experience implementing or operating SOAR platforms and security automation.
  • Hands-on experience building or integrating AI-assisted triage into a SOC workflow (SOAR, case management, or custom pipeline), including designing constrained output schemas or guardrails rather than relying solely on vendor-side content filtering.
  • Familiarity with emerging threat models for AI-augmented security tooling, such as prompt injection and verdict poisoning via analyzed artifacts.
  • Identity-focused detection experience, including Active Directory, hybrid identity, and privileged account monitoring.
  • Understanding foundational security best practices, including system and network hardening.
  • Ability to assess incidents quickly, recommend effective response actions, and mitigate operational and reputational risk.
  • Experience interfacing effectively with leadership, engineering teams, and external vendors.
  • Demonstrated engagement with the cybersecurity community or strong evidence of self‑driven learning and professional contribution.

Our World 

At Activision, we strive to create the most iconic brands in gaming and entertainment. We’re driven by our mission to deliver unrivaled gaming experiences for the world to enjoy, together. We are home to some of the most beloved entertainment franchises including Call of Duty®, Crash Bandicoot™, Tony Hawk’s™ Pro Skater™, and Guitar Hero®. As a leading worldwide developer, publisher and distributor of interactive entertainment and products, our “press start” is simple: delight hundreds of millions of players around the world with innovative, fun, thrilling, and engaging entertainment experiences.

We’re not just looking back at our decades-long legacy; we’re forging ahead to keep advancing gameplay with some of the most popular titles and sophisticated technology in the world. We have bold ambitions to create the most inclusive company as we know our success comes from the passionate, creative, and diverse teams within our organization. 

We’re in the business of delivering fun and unforgettable entertainment for our player community to enjoy. And our future opportunities have never been greater — this could be your opportunity to level up. 

Ready to Activate Your Future? 

The videogame industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.

 

We love hearing from anyone who is enthusiastic about changing the games industry. Not sure you meet all qualifications? Let us decide! Research shows that women and members of other under-represented groups tend to not apply to jobs when they think they may not meet every qualification, when, in fact, they often do! We are committed to creating a diverse and inclusive environment and strongly encourage you to apply. 

 

We are committed to working with and providing reasonable assistance to individuals with physical and mental disabilities. If you are a disabled individual requiring an accommodation to apply for an open position, please email your request to accomodations@activisionblizzard.com. General employment questions cannot be accepted or processed here. Thank you for your interest. 

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity, age, marital status, veteran status, or disability status, among other characteristics. 

Rewards

We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ - we’ve got our employees covered!  Subject to eligibility requirements, the Company offers comprehensive benefits including:

  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance;
  • 401(k) with Company match, tuition reimbursement, charitable donation matching;
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave;
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others;
  • If the Company requires that you move geographic locations for the job, then you may also be eligible for relocation assistance.

Eligibility to participate in these benefits may vary for part time and temporary full-time employees and interns with the Company.  You can learn more by visiting https://www.benefitsforeveryworld.com/.

In the U.S., the standard base pay range for this role is $124,000.00 - $229,400.00 Annual. These values reflect the expected base pay range of new hires across all U.S. locations. Ultimately, your specific range and offer will be based on several factors, including relevant experience, performance, and work location. Your Talent Professional can share this role’s range details for your local geography during the hiring process. In addition to a competitive base pay, employees in this role may be eligible for incentive compensation. Incentive compensation is not guaranteed. While we strive to provide competitive offers to successful candidates, new hire compensation is negotiable.

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Software Development

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified