Sysdig

Threat Detection Engineer

Reposted 17 Hours Ago

Be an Early Applicant

3 Locations

Remote

Junior

Cybersecurity

The leader in real-time cloud security

The Role

The Threat Detection Engineer 2 will research and maintain threat detections, automate security content, and develop reports and dashboards.

Summary Generated by Built In

At Sysdig, we believe cloud security isn't a compromise - it's a promise. From the start, our mission has been clear: to help organizations secure innovation in the cloud, the right way.

We created Falco, the open standard for cloud threat detection, and continue to lead the cloud security market with runtime insights, open innovation, and agentic Al. Creators of technology trusted by over 60% of the Fortune 500, Sysdig gives teams the real-time clarity to move fast and defend what matters most.

Culture matters here. We believe diversity fuels stronger ideas, and open dialogue drives sharper decisions. Recognized as a Best Place to Work and one of Deloitte's fastest-growing companies for the past 5 years, we're here to raise the standard for what cloud security and workplace culture should be.

If you have the passion to dig deeper, the desire to challenge convention, and the curiosity to build something better, Sysdig is the right place for you.

What you will do

Reporting to the Manager of Threat Engineering, you will research and maintain threat detections to identify threats that may affect our customers.
Participate in Sysdig Threat Research Team activities by conducting impactful research on new detection use cases and developing detection methods
Help automation efforts as they relate to security content by using scripting languages such as Python
Develop reports and dashboards to measure the progress of detection efforts

What you will bring with you

2+ years of hands-on experience with one of the following:
Security operations, EDR, security engineering, or incident response
Hands-on experience in Linux, including expertise with system calls and in-depth knowledge of Linux internals
Experience creating threat detections for cloud environments, such as AWS, Azure, or GCP
Knowledge of Kubernetes, container technologies, and container runtimes (e.g. Docker, containers, cri-o)
Experience with SQL and programming languages such as Python or Go, plus using Git for version control and collaborative development.
Experience with or knowledge of Falco, the OSS threat detection tool
Familiarity with analysing logs or other security artifacts for malicious behaviour to create detection rules.
Comfortable working directly with customers to help improve their experience.

What we look for

People being trusted advisors with a customer success mindset
Experience from a startup environment
Growth and learning mindset

When you join Sysdig, you can expect:

Extra days off to prioritize your well-being
Mental health support for you and your family through the Modern Health app
Great compensation package

We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different.

Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated.

Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.

#LI-SM3

#LI-Remote

Top Skills

AWS

Azure

Docker

Falco

GCP

Git

Kubernetes

Linux

Python

SQL

View all jobs at Sysdig

View Sysdig Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: San Francisco, CA

700 Employees

Year Founded: 2013

What We Do

Sysdig delivers cloud security the right way with open innovation, agentic AI, and the uncompromising truth of runtime. In a world of black boxes and blind spots, Sysdig helps security and development teams prevent, detect, and respond to threats in the moment.

AI is only as powerful as the signals it receives, and Sysdig Sage™ – the first agentic AI analyst for cloud security – is fueled by the deepest runtime intelligence in the industry. It doesn’t just observe. It reasons and acts with the context, speed, and precision that modern teams need to build and defend innovation in real time. Founded by the creators of Falco and Wireshark, Sysdig is trusted by more than 60% of the Fortune 500 and is built for those who refuse to compromise on security.

Why Work With Us

Sysdig's global expansion is fueled by our dedicated "Sysdiggers," known for collaboration, innovation, & transparency. With a diverse, international presence, we value every voice & are committed to our core values. We prioritize well-being with a top-tier benefits package. Join us to empower our team, thrive, & deliver our best work globally.