Senior Security Engineer - Detection & Response - EU/UK

The Impact You’ll Have

• Proactively monitor Marqeta’s environment for cyber threat activity and manage day-to-day security alerts through timely analysis, triage, and appropriate response actions
• Serve as incident commander during security events, directing investigation strategies and coordinating cross-functional response efforts
• Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from cybersecurity incidents
• Contribute to the maintenance and improvement of the Cybersecurity Incident Response Plan (CIRP), playbooks, runbooks, and standard operating procedures to ensure consistent and effective response operations
• Participate in 24x7x365 on-call rotations, providing skilled guidance during security incidents and contributing to thorough post-incident reviews
• Research threat intelligence sources and contribute to hypothesis-driven threat hunting initiatives to uncover threats in corporate and production environments
• Work closely with Security Engineering to tune security solutions, enhance detection capabilities, and leverage business knowledge to improve security monitoring
• Design, develop, and maintain detection logic using a detections-as-code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms
• Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat intelligence and business risk
• Coordinate with HR, law enforcement, response retainers, and cyber insurers as required, including support on cyber-crime financial fraud use cases
• Support the development of less-experienced security team members through knowledge sharing, pair investigations, and leading by example
• Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks

Who You Are

• 5+ years of hands-on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting
• Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure
• Strong knowledge of the NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures
• Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems
• Experience developing detections-as-code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks
• Working knowledge of MITRE ATT&CK an