
Senior Security Engineer (Security Monitoring, Detection & Response)

Job type: Full Time · Department: Engineering · Work type: Remote

Spain

Senior Security Engineer (Monitoring, Detection & Response)

Location: Spain Remote

Team: Engineering

Welcome to Maisa - Making AI Accountable!

Our agentic process automation platform helps enterprises automate complex, decision-heavy processes that traditional automation can’t handle and GenAI can’t be trusted with. 

We enable organizations to scale operations, resist hallucinations, and bring end-to-end visibility and control to their most complex processes.

Powered by a new kind of computing platform, Maisa combines AI-driven problem solving with programmatic execution, so every action is reliable, auditable, and built for enterprise scale.

About the role… 

We’re looking for a Senior Security Engineer to lead and scale our security monitoring, threat detection, and incident response capabilities in a cloud-native environment. You’ll design and operate detection and response workflows across AWS and Kubernetes, improve signal quality, drive automation through SOAR, and partner closely with Engineering and SRE teams to reduce risk while enabling fast delivery.

What you’ll do

  • Own detection engineering end-to-end: build, tune, and maintain threat detections across cloud, Kubernetes, workloads, and identity, focusing on high-fidelity signals and actionable alerts.

  • Operate and evolve SIEM & SOAR: develop ingestion pipelines, parsing/normalization, enrichment, correlation, dashboards, and automated playbooks (triage, containment, evidence collection).

  • Threat detection & alerting strategy: define alert standards (severity, SLAs, routing), reduce noise, and establish measurable detection coverage mapped to frameworks (e.g., MITRE ATT&CK).

  • Incident response leadership: act as an incident responder and escalation point. Coordinate investigations, containment, eradication, recovery, and build incident reports; improve processes based on learnings.

  • Detection content lifecycle: write, test, deploy, and continuously tune detection rules; maintain version control, peer review, and CI/CD for detections/playbooks.

  • Threat hunting & proactive analysis: conduct hypothesis-driven hunts, identify gaps, and translate findings into new detections and automated response.

  • Cross-functional collaboration: partner with GRC, SRE, and Engineering teams to harden services, improve observability, and roll out secure-by-default controls.

  • Documentation and enablement: create runbooks, playbooks, and training so on-call responders and stakeholders can act quickly and consistently.

Required qualifications

  • 6+ years in security engineering, detection & response, or SOC/IR roles, with strong hands-on technical depth.

  • Proven experience building and operating SIEM (Splunk, Elastic, or other equivalent SIEM platforms) detections, alerting, and dashboards in production environments.

  • Strong incident response skills: investigation, evidence collection and chain-of-custody enforcement, containment strategies, and communications.

  • Solid knowledge of AWS security (CloudTrail, GuardDuty concepts, IAM, VPC flow logs, CloudWatch, etc.) and common cloud attack techniques.

  • Practical experience securing Kubernetes environments (cluster telemetry, runtime signals, RBAC, admission controls, workload identity).

  • Ability to write and maintain detections/playbooks as code (Python, Go, or similar), and comfort with automation and APIs.

  • Strong understanding of attacker behavior, log sources, and detection tradeoffs (precision vs. recall).

Desirable qualifications

  • Experience with Falco (or other runtime security tools), writing/tuning rules and integrating alerts into incident workflows.

  • Familiarity with SOAR platforms and building automated playbooks (enrichment, containment, ticketing, chatops).

  • Experience with cloud-native security telemetry and tooling (eBPF-based approaches, OpenTelemetry, service mesh logs, etc.).

  • Exposure to threat modeling, red team/purple team exercises, and continuous detection validation.

Why join Maisa! 

You will be joining one of Europe’s most exciting early-stage AI start-ups, where you’ll have the opportunity to work with cutting-edge Agentic Process Automation that’s reshaping how enterprises approach AI deployment. You will get to directly influence how major multinational organizations transform critical business processes, working on genuinely differentiated technology that solves real enterprise AI challenges.

Following our recent $25m Seed Round, backed by leading Venture Capital firms including Creandum, Forgepoint, NFX, and Village Global, we’re scaling quickly and realising significant enterprise traction. This is your opportunity to help solve real AI enterprise challenges, working alongside deep technical and industry experts, where you will be challenged daily and will expedite your learning and development.

Maisa is committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all.
