Senior Threat Detection and Response Engineer

Amex GBT is a place where colleagues find inspiration in travel as a force for good and - through their work - can make an impact on our industry. We're here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

We are seeking a Senior Detection Engineer to join our Cyber Defense organization, reporting to the Manager of Threat Detection and Response. This is a fully remote, US-based role with a preference for candidates located in the western United States (West Coast or Rocky Mountain region). You will be a core technical contributor on a diverse, globally distributed, and high-performing team of 20 cybersecurity professionals, working alongside a SecOps AI engineering team and mentoring a junior detection engineer.

This role owns the full detection engineering lifecycle - from threat intelligence and hunt operations through detection-as-code development, automation, and critical incident response. If you are energized by building detection capabilities from the ground up, thrive in a fast-paced SOC environment, and want to do it with a team that takes craft seriously, we want to hear from you.

What You'll Do

Detection Engineering

• Design, build, and maintain detection logic using CrowdStrike, leveraging its EDR telemetry to identify advanced threats

• Develop and operationalize detection-as-code, including custom queries and correlation rules

• Conduct cyber threat intelligence (CTI) analysis and proactive threat hunting to surface novel attack patterns

• Continuously tune and improve detection fidelity, reducing false positives and improving signal quality

Automation and Orchestration

• Build and maintain automated response workflows and playbooks in Tines

• Collaborate with the SecOps AI engineering team to integrate AI-driven capabilities into detection and response pipelines

• Manage detection content and automation code in GitHub, applying software engineering best practices (version control, code review, CI/CD)

• Write Python scripts to extend automation, parse data, and support detection development

Incident Response and DFIR

• Serve as a senior technical resource for critical incident response, including after-hours and weekend escalations for high and critical severity events

• Apply digital forensics and incident response (DFIR) expertise to investigate, contain, and remediate security incidents

• Develop and refine incident response playbooks and post-incident documentation

• Lead or support SOC incident management in the absence of the manager

Leadership and Mentorship

• Mentor and develop a junior detection engineer through regular guidance, code review, and knowledge sharing

• Deliver monthly cybersecurity training sessions for the broader team

• Generate monthly platform performance reports and contribute to strategic planning discussions

• Evaluate emerging security technologies and contribute to proof-of-concept assessments

Location

United States

The US national base salary range for this position is from

$104,300.00 - $193,700.00

The national range provided includes the base salary that Amex GBT expects to pay for the role. Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate's relevant experience, skills, knowledge, and work location.

In addition to base salary, the anticipated range of which is posted above, this role is eligible for a discretionary annual bonus, which rewards participants based on company and individual performance.

For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.

Benefits at a glance (

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

• Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.

• Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

• Develop the skills you want when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

• We strive to champion Inclusion in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

• And much more!

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Click Here ( for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement ( .

What if I don't meet every requirement? If you're passionate about our mission and believe you'd be a phenomenal addition to our team, don't worry about "checking every box;" please apply anyway. You may be exactly the person we're looking for!

Click Here to Learn More (