Detection Engineering Lead

  • $108k-$149k
  • Remote - United States

Remote

Cybersecurity

Senior

Job description

Company Description

Guardant Health is a leading precision oncology company focused on guarding wellness and giving every person more time free from cancer. Founded in 2012, Guardant is transforming patient care and accelerating new cancer therapies by providing critical insights into what drives disease through its advanced blood and tissue tests, real-world data and AI analytics. Guardant tests help improve outcomes across all stages of care, including screening to find cancer early, monitoring for recurrence in early-stage cancer, and treatment selection for patients with advanced cancer. For more information, visit guardanthealth.com and follow the company on LinkedIn, X (Twitter) and Facebook.

Job Description

This is an exciting opportunity for a technically strong cybersecurity professional looking to take the next step into a leadership role. As Detection Engineering Lead (Insider risk), you will play a central role in helping define and build a scalable insider risk management program from the ground up. You’ll bring your hands-on experience in incident response, threat detection, and forensic analysis to lead investigations and develop processes for detecting and responding to insider threats. This role is ideal for someone ready to expand their scope beyond technical execution and start owning strategy, process design, and stakeholder collaboration.

In this role, you’ll work closely with cross-functional teams—including HR, Legal, Cybersecurity, and Technology—to assess insider risks, manage cases, and implement mitigation strategies. You’ll also have the chance to mentor junior analysts, shape tooling and workflows, and grow your leadership skills while making a real impact. If you’re ready to step up, lead with influence, and build something meaningful, this is the role for you.

Essential Duties and Responsibilities:

  • Building a well-structured, resilient insider threat program that aligns with business goals and security standards will be central to your success.
  • Success in this role means developing and maintaining effective automations, workflows, tools, and processes that enable the team to detect and respond to high-risk insider activities with speed and precision.
  • You’ll excel by working closely with cross-functional teams, ensuring insider risks are accurately classified, reported, and resolved while enhancing incident response procedures.
  • Your ability to serve as a reliable point of contact for insider risk matters will foster a collaborative, organization-wide approach—ensuring timely updates and smooth alignment with senior leadership.
  • You’ll demonstrate impact by implementing and overseeing monitoring systems that surface behavioral anomalies, enabling early identification of suspicious insider activities.
  • You’ll help the organization stay one step ahead by working with awareness teams to identify emerging threat tactics and promote behaviors that reduce the risk of data loss or misuse.
  • Your ability to break down complex security challenges into clear, understandable messages will empower leaders across the organization to act with confidence.
  • Success in this role means effectively coordinating with Business Units, Security Operations, HR, Legal, and Compliance teams to ensure insider risks are addressed holistically and remediated efficiently while maintaining strict confidentiality and professionalism in all investigative and advisory activities.
  • A key measure of success will be your ability to create and maintain meaningful use cases in UEBA and monitoring tools that enable early detection and prioritization of risky behaviors.
  • By defining relevant metrics and KPIs, you’ll help senior leadership clearly understand program health and progress—your ability to translate data into insights will set you apart.
  • You’ll elevate the team’s detection capabilities by continuously refining rules, analytics, and detection logic that adapt to evolving threats.
  • Your strategic mindset will shine as you align the insider risk program roadmap with organizational priorities, ensuring long-term relevance and impact.
  • You’ll demonstrate strong investigative instincts by identifying and scoping insider risks through detailed analysis, evidence collection, and sound judgment.
  • Your ability to monitor unauthorized activities while maintaining strict adherence to legal and privacy guidelines will ensure investigative integrity and regulatory compliance.
  • Evaluating and refining behavioral detection models will be key to your success in staying ahead of shifting insider threat patterns and false positive fatigue.
  • Your written communication will stand out as you produce intelligence reports that clearly synthesize diverse data points into actionable insights.
  • You’ll align your team’s projects and goals with the broader organizational strategy—ensuring your insider risk program supports and advances enterprise priorities.
  • Your mentorship will drive the growth of junior analysts, building a strong team culture rooted in continuous learning and development.

Qualifications

  • 5+ years of experience in information security, including hands-on work in insider threat, incident response, threat hunting, and forensic analysis.
  • 2+ years of experience leading or significantly contributing to an insider threat management program.
  • Experience conducting end-to-end investigations involving qualitative and quantitative data, forensic analysis, stakeholder interviews, and sensitive material handling.
  • When submitting your resume, please include the word ‘Goal’ in the message to the hiring team section.
  • Prior experience in healthcare or high-regulation environments preferred but not required.
  • Strong understanding of cybersecurity principles, digital forensics, behavioral analytics, and network security.
  • Expertise in insider threat detection tools and technologies such as UEBA, SIEM, DLP, and EDR.
  • Comprehensive knowledge of email security, OS forensics, data loss prevention, and network monitoring.
  • Proficiency in scripting and automation (e.g., Python, Bash, Go, PowerShell).
  • Familiarity with cloud security principles and platforms including AWS, GCP, and/or Azure.
  • Proven ability to develop and implement insider threat detection strategies, write detection signatures, and enhance SOC processes.
  • Experience building workflows and governance documentation aligned with insider threat frameworks and industry best practices.
  • Excellent analytical, problem-solving, and decision-making skills, especially when handling complex or ambiguous situations.
  • Exceptional communication and interpersonal skills with the ability to convey technical information to both technical and non-technical audiences, including senior leadership and legal counsel.
  • Strong interpersonal maturity with the ability to influence, collaborate, and build trust across diverse teams.
  • Proven ability to work independently while aligning to organizational and client objectives.

Additional Information

Hybrid Work Model: At Guardant Health, we have defined days for in-person/onsite collaboration and work-from-home days for individual-focused time. All U.S. employees who live within 50 miles of a Guardant facility will be required to be onsite on Mondays, Tuesdays, and Thursdays. We have found aligning our scheduled in-office days allows our teams to do the best work and creates the focused thinking time our innovative work requires. At Guardant, our work model has created flexibility for better work-life balance while keeping teams connected to advance our science for our patients.

The US base salary range for this full-time position is $108,800 to $149,600. The range does not include benefits, and if applicable, bonus, commission, or equity. The range displayed reflects the minimum and maximum target for new hire salaries across all US locations for the posted role with the exception of any locations specifically referenced below (if any).

Within the range, individual pay is determined by work location and additional factors, including, but not limited to, job-related skills, experience, and relevant education or training. If you are selected to move forward, the recruiting team will provide details specific to the factors above.

Employee may be required to lift routine office supplies and use office equipment. Majority of the work is performed in a desk/office environment; however, there may be exposure to high noise levels, fumes, and biohazard material in the laboratory environment. Ability to sit for extended periods of time.

Guardant Health is committed to providing reasonable accommodations in our hiring processes for candidates with disabilities, long-term conditions, mental health conditions, or sincerely held religious beliefs. If you need support, please reach out to [email protected]

Guardant Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

All your information will be kept confidential according to EEO guidelines.

To learn more about the information collected when you apply for a position at Guardant Health, Inc. and how it is used, please review our Privacy Notice for Job Applicants.

Please visit our career page at: http://www.guardanthealth.com/jobs/
