Senior Security Engineer - Blue Team (Remote)

Job Overview

Location

Istanbul, Turkiye

Job Type

Full-time

Category

Software Engineering

Date Posted

December 31, 2025

Full Job Description

📋 Description

  • Be the last line of defense for a platform that reaches 25 % of the world’s internet users and processes 2.2 billion requests every single day. As Insider One’s Senior Security Engineer – Blue Team you will architect, tune, and continuously evolve the security operations that protect the data and trust of 2,000 global brands—from Samsung and Nike to Singapore Airlines and IKEA.
  • Own the full lifecycle of our SIEM and SOAR ecosystem. You will configure correlation rules, optimize data ingestion pipelines, and build automated playbooks that shrink mean-time-to-detect from minutes to seconds. Expect to work with petabyte-scale data sets, 450+ production servers, and a multi-cloud environment where every millisecond of latency matters.
  • Turn threat intelligence into action. You will integrate commercial feeds, open-source intel, and MITRE ATT&CK mappings to create high-fidelity detection logic that surfaces real attacks while ruthlessly eliminating false positives. Your dashboards will become the single pane of glass that executives, SOC analysts, and product engineers rely on for situational awareness.
  • Lead end-to-end incident response. When alerts fire, you are the quarterback—triaging, containing, eradicating, and documenting lessons learned. You will coordinate with DevOps, SRE, and customer-facing teams to ensure that every root-cause analysis drives measurable improvements in code, configuration, and culture.
  • Engineer deception and early-warning systems. From canary tokens to honeypots, you will design lightweight traps that give us the first signal of lateral movement or insider threats. Your creativity will turn attacker curiosity into actionable telemetry.
  • Harden our cloud and on-prem estates. You will audit AWS IAM policies, review Kubernetes RBAC, and validate firewall rules across hybrid networks. Every change you ship is peer-reviewed, version-controlled, and backed by automated testing so that security keeps pace with daily releases.
  • Mentor and uplift the broader security community. You will run internal “lunch-and-learn” sessions, contribute to our open-source projects, and represent Insider One at conferences and meetups. Your passion for knowledge-sharing will help us scale security culture faster than we scale headcount.
  • Champion metrics that matter. You will define KPIs such as dwell time, detection coverage, and automation ratio, then build executive-level reports that translate technical risk into business impact. Data-driven storytelling is your superpower.
  • Participate in red-blue-purple team exercises and tabletop drills. You will script realistic attack scenarios, measure detection gaps, and track remediation to closure. Every drill ends with a concrete backlog that raises the bar for the next iteration.
  • Stay relentlessly curious. Whether it’s a new AWS service, an emerging Linux rootkit, or a novel phishing technique on WhatsApp, you will prototype, test, and document your findings so the entire organization learns at the speed of threat evolution.

🎯 Requirements

  • 5+ years of hands-on experience in security operations, incident response, or blue-team engineering at internet scale
  • Deep expertise with SIEM platforms (Splunk, Elastic, or similar) and SOAR tools (Phantom, Demisto, Tines, etc.)
  • Proficiency in Python, Go, or Bash for automation and custom detection development
  • Solid understanding of MITRE ATT&CK, cloud security controls (AWS IAM, GuardDuty, Security Hub), and container security (Kubernetes, Docker)
  • Strong written and verbal communication skills in English; Turkish fluency is a plus

🏖️ Benefits

  • Fully remote-first culture with flexible hours and quarterly in-person retreats in Istanbul
  • Competitive salary benchmarked to top 10 % of global security roles
  • Annual $3,000 professional-development stipend for conferences, certifications, or courses
  • Premium private health insurance for you and immediate family members
  • Stock-option plan with four-year vesting and one-year cliff

Skills & Technologies

AWS
Kubernetes
Linux
Senior
Hybrid

About InsiderOne LLC

InsiderOne LLC is a data-driven intelligence platform that aggregates and analyzes consumer, market, and competitive information to help businesses make faster strategic decisions. By combining proprietary data sources, AI analytics, and expert verification, it delivers real-time dashboards, alerts, and reports for product, marketing, and investment teams across retail, technology, and finance sectors.
