Product Owner- Security Content

Summary

Join Graylog as a Product Owner, Security Content and play a pivotal role in shaping and delivering our Security Content roadmap across threat detection engineering, compliance content, and log source support. Collaborate with internal and external stakeholders to deliver impactful security content that empowers our customers. Manage the development and maintenance of log source support content, ensuring compatibility with evolving systems and technologies. Guide the creation of high-quality threat detection engineering content. Develop and maintain compliance content to meet industry standards and regulatory requirements. Act as the primary liaison between Graylog and security research partners. Monitor cybersecurity trends and customer feedback to refine the security content portfolio. This role reports to the VP of Product Management and involves collaboration with various teams to ensure successful delivery and adoption of security content initiatives.

Requirements

• You’ll possess a well-rounded understanding of cybersecurity principles, including log management and security threat detection, with experience working with SIEM, SOAR, or EDR platforms and familiarity with log sources, such as firewalls, endpoint protection, cloud platforms, and network devices
• You will have hands-on experience in creating or managing threat detection content, including detection rules, correlation logic, and response playbooks with an understanding of common threat actors, attack tactics (e.g. MITRE ATT&CK framework), and Indicators of Compromise (IOCs)
• Working knowledge of industry standards and regulations such as PCI DSS, GDPR, HIPAA, SOC 2, and NIST frameworks
• Demonstrated ability to translate customer feedback into actionable product improvements

Responsibilities

• Collaborate with the product team to define and prioritize the security content roadmap, ensuring alignment with strategic goals and customer needs
• Manage the development and maintenance of log source support content, ensuring compatibility with evolving systems and technologies
• Guide the creation of high-quality threat detection engineering content aligned to focused security use cases, including rules, queries, and playbooks
• Develop and maintain compliance content that enables customers to demonstrate their ability to meet their industry standards and regulatory requirements
• Act as the primary liaison between the company and security research partners, such as SOCPrime and TruKno, to source and integrate cutting-edge security research
• Monitor cybersecurity trends and customer feedback to continuously refine and expand the security content portfolio
• Collaborate with Engineering, Marketing, and Customer Success teams to ensure the successful delivery and adoption of security content initiatives
• Track and measure the effectiveness of security content offerings, leveraging data to inform future improvements
• Support the sales and enablement teams by providing insights and training on the value and usage of security content
• Represent the company at industry events and engage with the cybersecurity community to advocate for the company’s security content strategy

Preferred Qualifications

Previous experience in a security operations centre is a plus

Benefits

• Opportunity to work with a globally distributed and diverse team
• Grow and develop professionally and personally in a fast-growing environment
• Choice of the latest equipment to help you succeed
• Monthly allowance to support your commute costs and support outfitting your work from home environment
• Equity. We have a stake in you, you should have a stake in us