Threat Detection Engineer 2

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications.
We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas and we believe in working together to achieve our goals. We're an international company that understands how to cultivate an inclusive environment across all teams.
And we're a great place to work too - we've been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness".
We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you?

What you will do

• Reporting to the Manager of Threat Engineering
• You will research and maintain threat detections to identify threats that may affect our customers.
• Participate in Sysdig Threat Research Team activities by conducting impactful research on new detection use cases and developing detection methods
• Help automation efforts as they relate to security content by using scripting languages such as Python
• Develop reports and dashboards to measure the progress of detection efforts

What you will bring with you

• 2+ years of hands-on experience with one of the following:
• Security operations, EDR, security engineering, or incident response
• Hands-on experience in Linux, including expertise with system calls and in-depth knowledge of Linux internals
• Experience creating threat detections for cloud environments, such as AWS, Azure, or GCP
• Knowledge of Kubernetes, container technologies, and container runtimes (e.g. Docker, containers, cri-o)
• Experience with SQL and programming languages such as Python or Go, plus using Git for version control and collaborative development.
• Experience with or knowledge of Falco, the OSS threat detection tool
• Familiarity with analysing logs or other security artifacts for malicious behaviour to create detection rules.
• Comfortable working directly with customers to help improve their experience.

What we look for

• People being trusted advisors with a customer success mindset
• Experience from a startup environment
• Growth and learning mindset

When you join Sysdig, you can expect:

• Extra days off to prioritize your well-being
• Mental health support for you and your family through the Modern Health app
• Great compensation package

We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different.
Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated.
Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.
#LI-SM3#LI-Hybrid