Security Engineer, Incident Response (Remote)

Security Engineer, Incident Response (Remote)

Why join us

Brex is reimagining financial systems so every growing company can realize their full potential. As the financial OS, we’re building software and services in one place—disrupting long-entrenched institutions with products and experiences that better serve the ambitions of our customers.

Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. We’re committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career.

Engineering at Brex

The Engineering team includes Data, IT, Security, and Software, and is responsible for building innovative products and infrastructure for Brex and our customers. We believe that engineers should accelerate the business through technology, and collaborate across multiple teams to accomplish that. 

Teams are autonomous, value inclusivity, eager to learn, teach and constantly improve how things work. The software we build today is the foundation for dozens of Brex systems in the future, so engineers have a strong sense of ownership and accountability and take pride in their craft. 

What you’ll do

As a Security Incident Response Engineer, you will be safeguarding our employees, data, systems, and infrastructure, both by proactively detecting malicious activity and reactively mitigating issues and handling incidents. You’ll also be investing in building automation for various areas including anomaly and threat detection, data enrichment, and incident handling. Our team is committed to creating a driven and diverse company with ambitious people from wide-ranging backgrounds.

We’re looking for individuals with a strong background and interest in securing systems and infrastructure at scale, comfortable in dealing with lots of moving pieces, with a keen eye towards detail, and comfortable learning new technologies. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and needs. We’re looking for someone to help scale the company with incredible people across the board. Building world-class financial services requires world-class security. 


  • Act as an incident lead for security incidents and participate in preplanning, tabletops, and postmortem/RCA activities.
  • Participate in on-call duties and rotations, including after-hours/weekends as appropriate.
  • Perform malware analysis, host forensics, and network forensics in a predominantly Linux and Mac OSX environment.
  • Deploy, fine-tune, and automate detection and response tooling to protect against external and internal threats to Brex.
  • Build, maintain, and continuously improve supporting systems such as logging pipelines, threat intelligence integrations, alerting systems, and self-service mechanisms. 
  • Own problems end-to-end, thinking through everything from system design, scalability, operability and ongoing metrics.
  • While not a developer role, the candidate will create scripting and contribute to the development and improvement of tooling - as such coding/scripting experience is strongly desired.


  • Experience in security monitoring, incident handling, threat intelligence, and digital forensics.
  • Familiarity with security challenges, including attacks on large-scale applications, systems and service architectures, and securing employees and data in a rapid development environment.
  • Coding/Scripting experience. Brex mostly works in Elixir, Python, and Go, however languages can be learned: we care much more about your general engineering skill than knowledge of a particular language or framework. The Security team predominantly uses Python, Go, and Bash.
  • Caring about system design and valuing building things correctly from day one, without cutting corners.
  • Thriving in a collaborative environment, filled with a diverse group of people with different expertise and backgrounds (we currently have around 30 nationalities represented, with more than ½ the company working in a country different from the one they grew up in).