Senior Threat Research Engineer
Austin, TX
Applications have closed
Sumo Logic
Sumo Logic provides best-in-class cloud monitoring, log management, Cloud SIEM tools, and real-time insights for web and SaaS based apps.Location- 100% remote from USA or Canada...Offices in Austin, TX and Redwood City, CA
Millions of queries a day analyze hundreds of petabytes of data. Sumo Logic Threat Labs is a team of security experts responsible for developing and applying cyber threat intelligence, technology, hunting, and tradecraft to research and develop threat detections for Sumo Logic Cloud SIEM customers. Threat Labs is by design a fast-paced, demanding, and mission-focused team. Sumo Logic is in search of like-minded individuals to join Threat Labs and help take threat research to the next level.
Threat Labs is looking for a senior-level threat researcher to join us in defending multiple organizations and technologies, by researching and creating detection content for Sumo Logic. This individual must love data (logs), and understand the role modern SIEM plays in organizations today; additionally, they must understand the importance of applying practitioner experience in helping customers do the job they need to do with SIEM. Threat Labs research includes exploration and exploitation of various cloud technologies, to create high quality practical detections. We’re looking for someone who can build out, test, and help us push the envelope on research driven detections.
Responsibilities
- Research, Develop, and Test detection rules within lab infrastructure
- Work with product management to identify focus of research and development campaigns
- Maintain and expand threat research lab infrastructure
- Provide practitioner feedback to engineering and product management regarding features and roadmap
- Research industry trends for detection opportunities
- Contribute to the community through blogs, conference talks, open source projects etc.
- Align with Threat Detection Engineering on content development efforts and deployment
Requirements
- 8+ years of cybersecurity experience
- Ideally a combination of the following:
- Senior/Principal SOC Analyst
- Purple Team and/or hunting
- Incident response
- Experience sourcing threat detections from research to deployment
- Knowledgeable of multiple technology stacks and willingness to learn new technologies
- Experience working in at least one public cloud (AWS, Azure, GCP)
- Experience analyzing cloud infrastructure log telemetry
- Contributed cybersecurity blogs or linkedIn posts, and conference talks
Desirable
- Experience in customer facing technical role (consulting, IT help desk/remote support)
- Offensive cybersecurity tool experience (Atomic Red Team, Sliver, Cobalt Strike etc)
- Scripting experience (Python, PowerShell, etc)
- Experience with Security Orchestration, Automation, and Response (SOAR) technology
- Established social media presence in the cybersecurity industry/community (Twitter and the like)
- Experience working within the cybersecurity vendor industry, with an understanding of product management and providing feedback into the process
About Us
Sumo Logic, Inc. empowers the people who power modern, digital business. Sumo Logic enables customers to deliver reliable and secure cloud-native applications through its Sumo Logic SaaS Analytics Log Platform, which helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers worldwide rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com.
The expected annual base salary range for this position is $150k- $183k . Compensation varies based on a variety of factors which include (but aren’t limited to) role level, skills and competencies, qualifications, knowledge, location, and experience. In addition to base pay, certain roles are eligible to participate in our bonus or commission plans, as well as our benefits offerings, and equity awards.
Tags: Analytics Automation AWS Azure Cloud Cobalt Strike GCP Incident response Open Source PowerShell Privacy Python Red team SaaS Scripting SIEM SOAR SOC Threat detection Threat intelligence Threat Research
Perks/benefits: Equity / stock options Salary bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.