Related skills: python, siem, edr, sigma, mitre att&ck
Description
- Monitor security events via MSSP, SIEM, AI, CSPM to identify threats.
- Design and maintain detection rules in SIEM/EDR/Cloud tools using threat intel.
- Lead security incident response and investigations.
- Design, build, and manage security playbooks; perform vulnerability tests.
- Collaborate with Product Security, IT, and Legal; integrate IOCs and TTPs.
- Be on standby for on-call or off-hours duties.
Requirements
- SIEM/EDR, threat intel, detections as code; incident response experience.
- Map detections to MITRE ATT&CK techniques.
- Auth: SAML, OpenID, OAuth2, SCIM familiarity.
- Scripting: Python, NodeJS, Ruby, or Bash.
- Lead incident response and tabletop exercises.
- Cloud security tooling (AWS/Azure/GCP); Wiz familiarity.
Benefits
- Remote-first culture with time-zone flexibility.
- Opportunity to shape security posture and detection capabilities.
- Work with Cribl products in our security stack.
- Cross-functional collaboration with Product Security, IT, and Legal.
- Inclusive, diverse culture that values all backgrounds.