Content Development Engineer, Threat Detection & Response

Graylog

📍 Remote - United States

Summary

Join Graylog's security content team as a Threat Detection and Response Specialist. You will contribute to and maintain the Illuminate content library, a collection of alerts and response plans for customers. Responsibilities include building, testing, and delivering detection and response plans, collaborating with the product team, and staying updated on security trends. The ideal candidate possesses a strong information security background, experience with SIEM tools, and excellent communication skills. This remote-friendly position offers opportunities for professional growth within a fast-growing company and includes benefits such as a monthly allowance for commute or home office setup, equity, and a diverse, collaborative work environment.

Requirements

  • Thorough information security background including writing and tuning security alerts
  • Good working knowledge of virtualization technologies
  • Knowledge of programming logic, regex, grok, GitHub
  • Familiar with Linux & Windows system administration
  • Thorough documentation and writing skills with a keen eye and attention to detail

Responsibilities

  • Contribute to the expansion and maintenance of the library of Illuminate content
  • Test, review, and provide feedback on the work of your teammates
  • Keep abreast of security trends, vulnerabilities, and attack vectors
  • Support our Customer Support team when customers have issues with Illuminate
  • Monitor customer requests for new content ideas and adjustments to existing content
  • Independently research, build, and deliver security content (detection & remediation steps) that improve customers' security posture
  • Provide peer-to-peer reviews of other team members' work
  • Travel to team and company events as and when required

Preferred Qualifications

  • Recent SOC (or similar threat detection and response) experience
  • Familiarity with Sigma Rules
  • Hands-on experience with SIEM and/or log aggregation tools such as Graylog, Splunk, QRadar, etc.
  • Previous Graylog experience

Benefits

  • Opportunity to work with a globally distributed and diverse team
  • Grow and develop professionally and personally in a fast-growing environment
  • Choice of latest equipment to help you succeed
  • Monthly allowance to support your commute costs and support outfitting your work from home environment
  • Equity
  • Remote work
