Detection Security Engineer

United States

Applications have closed

Lacework

Need better insight into the security of your cloud environments? Learn how Lacework can automate cloud security, prioritize risks, and help you scale.

View all jobs at Lacework

At Lacework, we strive to provide a supportive, collaborative environment where people are empowered to do the best work of their careers.

Our team members enjoy solving complex problems, big sky thinking, and obsess over getting the details right. We love what we do and are proud of our work to secure clouds and container environments for thousands of users worldwide.

The Security team is growing and we need YOU! Our focus is to ensure our systems continue to detect world class attacks as well as to reduce risks in our software and systems. That is to ensure they are designed and implemented in a secure manner. We work collaboratively across the whole company to accomplish these goals and we’re a growing team that’s looking for a smart, experienced, energetic, and a humble security engineer. 

The ideal candidate is an experienced Security Engineer, preferably one that has a track record of analysing and responding to security problems (preferably within cloud environments). This is a great opportunity for someone who is extremely focused, excited and technically adept to make a huge impact. The role will include actively monitoring our systems for attacks and intrusions, responding to potential security incidents, working with the product team on product improvements and enhancing the platform with new detection ideas . You will develop an in-depth understanding of the Lacework platform and the stack it is built on, that is you will become an expert at using our own Lacework platform to secure all of Lacework - the company. You will have a go getter attitude and work across various teams to prioritize and track resolution of identified issues.

To be successful you will:

  • Participate in an on-call rotation that looks after and responds to security events.
  • Willing and able to automate, automate, automate!
  • Develop new and optimize existing detection use cases, contribute to operational runbooks, wikis, how-tos, topology diagrams - as needed.
  • Respond to security incidents, determine remediation, escalate as appropriate, and proactively consider how to prevent the same type of incident from occurring in the future.
  • Become an expert user of Lacework.
  • Work with other teams to discover new detection capabilities
  • Assist with code reviews, evaluate code for security issues and participate in secure code designs.
  • Build security utilities and tools for internal use that enable you and other Security Engineers to operate at high velocity; and extend that use to other teams in a DevSecOps cultural model.
  • Provide subject matter expertise on architecture, authentication and system security.
  • Advocate for best-security practices to the entire engineering organization.

Your Professional Profile:

  • 10+ years of experience in a security engineering role.
  • Deep knowledge of current threat intelligence and modern attacker exploits.
  • Deep knowledge of incident response and forensics (DFIR) in a large-scale environment.
  • Ability to write code in common languages like Python, Java, Go or Rust.
  • Good AWS knowledge and hands on experience. Bonus for experience with all three major cloud providers (AWS, Azure, GCP).
  • Good knowledge and experience with network protocols, cryptography, security threats, attack techniques, evasive techniques, detection and prevention methods.
  • Good knowledge of Docker/Kubernetes and how to secure those environments.
  • Understanding of real-time threat detection, secrets management, security considerations within build, release, CI/CD and other similar tooling.
  • Good understanding of the fundamentals of systems hardening.
  • Good understanding of database knowledge, with Snowflake experience being highly desirable.
  • Familiarity with observability and monitoring tools.
  • Experience working remotely across many time zones and cultures.
  • Excellent written and verbal communication skills, with the ability to target your communication to the audience, whether technical or not.

 

Salary Range: $220k - $300k USD Annually + Benefits + Bonus + Equity
Actual compensation may vary based on factors such as geographic location, work experience, education/training and skill level.

Lacework is an Equal Opportunity Employer. It is the policy of Lacework to provide equal employment opportunity to all persons, regardless of age, race, religion, color, national origin, sex, political affiliations, marital status, non-disqualifying physical or mental disability, age, sexual orientation, membership, or non-membership in an employee organization, or on the basis of personal favoritism or other non-merit factors, except where otherwise provided by law

Job stats:  26  0  0

Tags: AWS Azure CI/CD Cloud Cryptography DevSecOps DFIR Docker Exploits Forensics GCP Incident response Java Kubernetes Monitoring Python Rust Snowflake Threat detection Threat intelligence

Perks/benefits: Equity / stock options Gear Salary bonus Team events

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.