Principal Security Engineer - Hosting Security

Summary

Join our dynamic Hosting Security Detection Engineering team as a Principal Security Engineer to safeguard millions of customers across our diverse hosting ecosystem. As a technical leader, you will own our SIEM detection capabilities and incident escalation processes, collaborating with internal teams. This role offers an exceptional opportunity to impact customer security at scale, working with innovative technologies and threat intelligence while mentoring a team. You'll gain expertise in large-scale security operations, advance leadership skills, and contribute to innovative security solutions. This is a remote position with occasional office visits; however, it is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands and is not currently considering candidates in California, Seattle, or NYC.

Requirements

• 5+ years of hands-on experience in security engineering, detection engineering, or similar roles with proven expertise in threat detection and security monitoring
• Strong proficiency in SIEM platforms (Splunk, Elastic Security, Chronicle, Sentinel) including advanced query languages (SPL, KQL, Lucene) and custom dashboard creation
• Programming skills in Python, PowerShell, or similar languages for automation, data analysis, and custom detection tool development
• Deep understanding of cloud security (AWS, Azure, GCP) including native security services, logging mechanisms, and infrastructure-as-code security practices
• Experience with threat intelligence platforms and the ability to translate IOCs, TTPs, and threat research into actionable detection rules and hunting queries
• Knowledge of networking protocols, system administration, and security frameworks (MITRE ATT&CK, NIST) with experience in log analysis and forensic investigation

Responsibilities

• Design and implement sophisticated security detection systems across cloud and on-premises hosting infrastructure to identify threats, anomalies, and security incidents in real-time
• Lead the development of custom detection rules and analytics using SIEM platforms, threat intelligence feeds, and behavioral analysis to improve the organization's security posture
• Architect scalable security monitoring solutions that can handle high-volume data ingestion while maintaining low latency detection capabilities across diverse hosting environments
• Collaborate with incident response teams to refine detection logic based on threat hunting findings, false positive analysis, and emerging attack patterns
• Mentor team members and provide technical leadership on complex security engineering projects, code reviews, and standard methodologies implementation
• Drive automation initiatives for detection deployment, tuning, and maintenance while establishing metrics and KPIs to measure detection effectiveness and coverage

Preferred Qualifications

• Security certifications such as GCIH, GCFA, CISSP, or cloud security specializations (AWS Security Specialty, Azure Security Engineer)
• Experience with containerized environments (Docker, Kubernetes) and modern DevSecOps practices including CI/CD pipeline security integration

Benefits

• Paid time off
• Retirement savings (e.g., 401k, pension schemes)
• Bonus/incentive eligibility
• Equity grants
• Participation in our employee stock purchase plan
• Competitive health benefits
• Parental leave