Required Sr. Threat Detection Engineer
About the Team:
You'll be joining our Cloud Content Research team, a team focused on stopping real-world adversaries targeting cloud infrastructure. Our unique position within allows us to work closely with our Threat Intelligence, OverWatch, and Incident Response teams, translating front-line observations of adversary tactics into effective detection capabilities. We combine deep cloud security expertise with innovative detection engineering to identify and stop sophisticated cloud threats. Our team creates advanced detection content and drives innovation in cloud security through close collaboration with Product and Engineering teams, who develop new detection capabilities based on our insights and requirements. We focus on both strategic research into emerging cloud attack techniques and rapid response to evolving adversary tactics observed in the wild.
About the Role:
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities
Design and implement detection logic across multi-cloud and hybrid environments
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.
About the Team:
You'll be joining our Cloud Content Research team, a team focused on stopping real-world adversaries targeting cloud infrastructure. Our unique position within allows us to work closely with our Threat Intelligence, OverWatch, and Incident Response teams, translating front-line observations of adversary tactics into effective detection capabilities. We combine deep cloud security expertise with innovative detection engineering to identify and stop sophisticated cloud threats. Our team creates advanced detection content and drives innovation in cloud security through close collaboration with Product and Engineering teams, who develop new detection capabilities based on our insights and requirements. We focus on both strategic research into emerging cloud attack techniques and rapid response to evolving adversary tactics observed in the wild.
About the Role:
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities
Design and implement detection logic across multi-cloud and hybrid environments
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.
Requirements:
Strong background in detection engineering or cloud security operations
Deep understanding of cloud service provider architectures and security models
Extensive experience creating detection content for cloud environments
Proven ability to analyse large-scale security datasets
Strong analytical and problem-solving capabilities
Excellent collaboration and communication skills
Desired Experience:
Experience with major cloud providers (AWS, Azure, GCP, OCI)
Familiarity with SIEM platforms and query languages (advantage: LogScale)
Linux security and runtime detection experience
Kubernetes security and detection experience
Background in threat research, incident response, or red/blue team
Experience with MITRE ATT&CK for Cloud
Track record of improving detection efficacy
What Sets You Apart:
Experience developing detection content at scale
Understanding of cloud-native attack techniques
Ability to balance research insights with practical implementation
Track record of cross-team collaboration in security projects.
Strong background in detection engineering or cloud security operations
Deep understanding of cloud service provider architectures and security models
Extensive experience creating detection content for cloud environments
Proven ability to analyse large-scale security datasets
Strong analytical and problem-solving capabilities
Excellent collaboration and communication skills
Desired Experience:
Experience with major cloud providers (AWS, Azure, GCP, OCI)
Familiarity with SIEM platforms and query languages (advantage: LogScale)
Linux security and runtime detection experience
Kubernetes security and detection experience
Background in threat research, incident response, or red/blue team
Experience with MITRE ATT&CK for Cloud
Track record of improving detection efficacy
What Sets You Apart:
Experience developing detection content at scale
Understanding of cloud-native attack techniques
Ability to balance research insights with practical implementation
Track record of cross-team collaboration in security projects.
This position is open to all candidates.
