Threat Detection Engineer (EMEA-Remote) at Sysdig
Sysdig is driving the standard for securing the cloud and containers. We created Falco, the open standard for cloud-native threat detection, and consistently contribute to open source software projects. We are passionate, technical problem-solvers, continually innovating and delivering powerful solutions to secure the cloud from source to run.
We value diversity and open dialogue to spur ideas, working closely together to achieve goals. We’re an international company that understands how to cultivate a strong culture across a remote team. And we're a great place to work too — we've been named a Bay Area Best Place to Work by the San Francisco Business Times and the Silicon Valley Business Journal for three years now! We were recognized by Deloitte as one of the 500 fastest-growing organizations in 2020 and 2021. We are looking for team members who have a passion for container and cloud security and are willing to dig deeper to help our customers. Does this sound like the right place for you?
Sysdig is looking for a Threat Content Engineer to help us improve Sysdig Secure’s threat detection ruleset. You will also get the chance to work with customers to help solve issues they have with rules allowing for a better experience.
You will be part of the Sysdig Threat Research Team and will help us research the latest threats and create new ways of detecting them. You’ll also help Sysdig’s customers get the most out of our detection capabilities and improve their security posture.
What you will do
- Maintain, create, and test security-related detections
- Develop new detections and tune existing ones to help identify threats that may impact our customers
- Work directly with customers to assist them with tuning rules in order to provide more actionable alerts
- Help automation efforts as they relate to security content by using scripting languages such as Python
- Develop reports and dashboards to show the progress of detection efforts
What you will bring with you
- 2+ years of hands-on experience with security operations, EDR, security engineering, or incident response.
- Basic knowledge of Linux and how the operating system works.
- Basic knowledge of SQL and a programming language, such as Python or Go.
- Familiarity with analyzing logs or other security artifacts for malicious behavior in order to create detection rules.
- Comfortable working directly with customers to help improve their experience.
What we look for
- People acting as trusted advisors, with a customer success mindset, able to build credibility with these customers
- A positive “can do” attitude and startup / entrepreneurial approach
- Willingness to learn about new things every day
Why work at Sysdig?
- We’re a well-funded startup that already has a large enterprise customer base
- We have a pragmatic, transparent culture, from the CEO down
- We have an organizational focus on delivering value to customers
- Our open source tools (https://sysdig.com/opensource/) are widely used and loved by technologists & developers
When you join Sysdig, you can expect:
- Competitive compensation including equity opportunities
- Flexible hours and additional recharge days
- Mental wellbeing support through Modern Health for you and your family
- Monthly wellness reimbursement
- Career growth
Some of our hiring managers are globally distributed, so an English version of your most up-to-date CV will be highly appreciated!