Senior Adversary Pursuit Engineer

Every community deserves to be safe, it’s a fundamental right. Our mission is simple - to build technology that reduces crime and protects privacy. Flock partners with cities, businesses, schools, and neighborhoods to help protect where people live, work, and play. Last year, Flock technology supported over 1 million criminal investigations. We've also helped solve approximately 20% of reported crimes in areas where we're deployed, and have played a role in locating more than 10,000 missing people.

We are a high-performance team united by urgency, ownership, and a shared commitment to meaningful impact. The work is fast-paced and the expectations are high. We push beyond perceived limits, support each other, and hold ourselves accountable to delivering results that matter.

With over $1B in funding and an $8.3B valuation, we are scaling with intention and investing in the people who will help us build what others said could not be done. At Flock, you will find the opportunity to grow quickly, take on real responsibility, and contribute to something bigger than yourself.

The Opportunity

We are looking for a Senior Adversary Pursuit Engineer. As someone with over 5 years of cybersecurity experience, at least 3 of those years in the trenches focused on DFIR/Threat Hunts, you will focus on developing and executing functions within Flock’s Adversary Pursuit program. You will help architect and execute threat hunts, technical cybersecurity exercises, and tactical threat intelligence collection looking for opportunities to improve these areas. You’ll work closely with our Offensive Security team to ensure a high level of efficacy in our ability to detect threats, and assist the Security Operations team with improvements to our response capabilities.

This is a critical role that will be responsible for developing new methods to search and detect threats across a rapidly scaling, high-value public-private safety network. You will assist with defining and executing hunts, determining and prioritizing visibility and detection gaps, and when necessary, assisting with response operations across thousands of deployed hardware devices, extensive cloud infrastructure, and core business applications. You will help with the creation of technical exercises against Flock’s full technology stack (hardware, software, cloud, network) to help increase preparedness and readiness. This role reports to the Director, Incident Response and Adversary Pursuit.

Success in this role will be measured by the development and execution of our threat hunt capabilities, ability and effectiveness to detect prioritized threats, and improved readiness to respond (through metrics such as MTTD).

The Skillset

• Leadership & Management:

  • Mold the long-term threat hunting roadmap, including strategy, data ingestion requirements, and coverage metrics.

  • Help design, execute, and see complex threat hunting campaigns through to completion, taking ownership of specific threat verticals (e.g., cloud environments, specific APT groups).

  • Serve as a technical mentor for junior and mid-level engineers. Review their technical work, provide constructive feedback on methodologies, and elevate the team's overall technical baseline.

• Technical Expertise:

  • Extensive technical expertise in performing DFIR and adversary threat hunts, across diverse environments (corporate systems, cloud - AWS/GCP/Azure, and operational technology networks).

  • Experience with performing DFIR on Android IoT devices.

  • Deep experience utilizing enterprise security tooling (SIEM, EDR, etc.) as well as developing proprietary tools/scripts to scale the team’s capabilities.

  • Experience utilizing sandboxing technology to aid in the analysis of suspicious binaries and scripts; hands-on reverse engineering experience a plus.

  • Hands on work with integrating security automation tools (Torq, Tines, SIEM native, etc.) and AI tooling (LLMs, agentic workflows) to accelerate security operations

  • Map findings to the MITRE ATT&CK framework to identify coverage gaps and improve detection posture.

  • Well versed in using cyber threat intelligence to update requirements, prioritize collection sources and integrate technical TTPs to inform and prioritize hunts.

  • Create and tune high-fidelity detection rules (e.g., Splunk SPL, YARA, Sigma) based on hunt findings to prevent future recurrence.

  • Assist with the development of technical table top exercises, ensuring scenario applicability to the organization’s risk profile and align to real world cyber events.

• Operational & Collaboration Skills:

  • Collaborate with Cybersecurity, Engineering, and Product teams to help plan, and execute threat hunts, providing detailed findings and data backed recommendations for cybersecurity and architectural improvements.

  • Work closely with the Offensive Security team to help perform regular testing and validation of custom detection rules.

  • Serve as a Tier 3 escalation point for SOC analysts; perform deep-dive root cause analysis on complex security incidents.

Feeling uneasy that you haven’t ticked every box? That’s okay; we’ve felt that way too. Studies have shown women and minorities are less likely to apply unless they meet all qualifications. We encourage you to break the status quo and apply to roles that would make you excited to come to work every day.

90 Days at Flock

We prescribe to 90 day plans and believe that good days lead to good weeks, which lead to good months. This serves as a preview of the 90 day plan you will receive if you were to be hired in this role at Flock.

The First 30 Days

• Build a deep understanding of the company’s technology stack, threat landscape, and existing security operations and response practices

• Establish strong partnerships with Engineering, Infrastructure, Product Security, and Offensive Security teams

The First 60 Days

• Help identify areas of focus within Adversary Pursuit, aligned to risk tolerance and business priorities, to help with development of a long term roadmap

• Assist with identifying opportunities to improve visibility (logs and intelligence) and detection capabilities

90 Days & Beyond

• Help with building an organizational Cyber Threat Profile with prioritized threat actors and intelligence collection requirements and proactively identifying attacker TTPs

• Develop a phased roadmap to mature Adversary Pursuit capabilities, including visibility and detection gap remediations and tooling improvements as well as plans for incorporation into regular exercises

Salary & Equity

In this role, you’ll receive a starting salary between $140,000 and $175,000 as well as Flock Stock Options. Base salary is determined by job-related experience, education/training, as well as market indicators. Your recruiter will discuss this in-depth with you during our first chat.

Location

We’re building the impossible, together. To drive innovation through in-person collaboration, we’re prioritizing candidates in our key hubs: Atlanta, Boston, Chicago, Denver, Los Angeles, New York City, San Francisco, and Austin. While we value the energy of our hub communities, we embrace remote work and welcome applications from exceptional talent across the United States.

The Perks

🌴Flexible PTO: We offer non-accrual PTO, plus 11 company holidays.

⚕️Fully-paid health benefits plan for employees: including Medical, Dental, and Vision and an HSA match.

👪Family Leave: All employees receive 12 weeks of 100% paid parental leave. Birthing parents are eligible for an additional 6-8 weeks of physical recovery time.

🍼Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000-lifetime maximum benefit related to eligible adoption, surrogacy, or fertility expenses.

🧠Spring Health: Spring Health offers a variety of mental health benefits, including therapy, coaching, medication management, and digital tools, all tailored to each individual's needs.

💖Caregiver Support: We have partnered with Cariloop to provide our employees with caregiver support

💸Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors who can address individual grants, model tax scenarios, and answer general questions.

💚ERGs: We want all employees to thrive and feel like they belong at Flock. We offer four ERGs today - Women of Flock, Flock Proud, LEOs and Melanin Motion. If you are interested in talking to a representative from one of these, please let your recruiter know.

💻WFH Stipend: $150 per month to cover the costs of working from home.

📚Productivity Stipend: $300 per year to use on Audible, Calm, Masterclass, Duolingo and so much more.

🏠Home Office Stipend: A one-time $750 to help you create your dream office.

If an offer is extended and accepted, this position requires the ability to obtain and maintain Criminal Justice Information Services (CJIS) certification as a condition of employment. Applicants must meet all FBI CJIS Security Policy requirements, including a fingerprint-based background check.

Flock is an equal opportunity employer. We celebrate diverse backgrounds and thoughts and welcome everyone to apply for employment with us. We are committed to fostering an environment that is inclusive, transparent, and collaborative. Mutual respect is central to how Flock operates, and we believe the best solutions come from diverse perspectives, experiences, and skills. We embrace our differences and know that we are stronger working together.

If you need assistance or an accommodation due to a disability, please email us at [email protected]. This information will be treated as confidential and used only to determine an appropriate accommodation for the interview process.

At Flock, we compensate our employees fairly for their work. Base salary is determined by job-related experience, education/training, as well as market indicators. The range above is representative of base salary only and does not include equity, sales bonus plans (when applicable) and benefits. This range may be modified in the future. This job posting may span more than one career level.

Flock is aware of fraudulent individuals and agencies falsely claiming to represent our company. All legitimate communication from Flock will come from an email address ending in @flocksafety.com. We do not make job offers through messaging apps, social platforms, or unauthorized third parties, and we will never request payment or sensitive personal information during the hiring process. If you encounter suspicious outreach related to a Flock role, please report it to [email protected]