Security Engineer, Threat Response

Asana is the work management platform for human + AI collaboration. It helps organizations bring people, processes, and AI together to plan, track, and deliver work with clarity and speed. Powered by the Work Graph®, Asana provides teams with context and control to stay aligned, keep work moving, and scale impact. More than 170,000 organizations, including Accenture, Amazon, Anthropic, Morningstar, and Suzuki, use Asana for their critical work.

• 5+ years of experience in security operations, incident response, or threat detection.
• Strong experience with SIEM platforms (e.g., Panther, Splunk, Elastic Security) for log analysis, alert correlation, and dashboard creation.
• Deep working knowledge of endpoint detection and response (EDR) tools (e.g., CrowdStrike, SentinelOne) and their capabilities.
• Proven experience developing and implementing security automation using scripting languages (e.g., Python, PowerShell) or orchestration tools.
• Experience performing security incident investigations and forensic analysis.
• Familiarity with common attack techniques, tactics, and procedures (TTPs) and frameworks like MITRE ATT&CK.
• A pragmatic and collaborative mindset, with a passion for building robust defenses and enabling other engineers to do their best, most secure work.

Nice to have:

• Experience working in a hybrid office-centric schedule with specific in-office days and remote work options.

• Lead security incident detection, analysis, and response efforts, ensuring timely and effective remediation of security incidents.
• Utilize and optimize security tools such as Panther for SIEM, CrowdStrike for endpoint detection and response, and other security platforms.
• Develop, implement, and maintain security playbooks and automation scripts to streamline security operations and reduce manual toil.
• Monitor security alerts and threat intelligence feeds, proactively identifying and addressing emerging threats.
• Conduct forensic analysis during security incidents to understand the scope and impact of incidents.
• Collaborate with engineering teams to integrate security best practices into development processes and provide guidance on secure configurations.
• Develop and deliver training to educate engineers on security operations and incident response best practices.

This role is based in the Warsaw office with an office-centric hybrid schedule. Standard in-office days are Monday, Tuesday, and Thursday. Most employees have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work and recruiter guidance.