Senior Software Engineer

ExtraHop

💵 $150k-$180k
📍 Remote - Worldwide

Summary

Join ExtraHop's Detection Engineering team as a Senior Software Engineer | Security and help expand ExtraHop’s industry-leading detection coverage. You will develop network threat detectors using rule-based and ML-based detection strategies, reproduce attacks in a lab environment, and collaborate with Threat Research and Data Science teams. The role requires strong software engineering, networking, and cybersecurity fundamentals, as well as knowledge of modern Identity and Access Management (IAM). You will mentor other team members and demonstrate ownership of your responsibilities. ExtraHop offers a flexible work environment, including full-time onsite, hybrid, and fully remote options. The company is committed to diversity and inclusion and actively invests in a diverse engineering organization.

Requirements

  • 5+ years of experience in software and/or detection engineering in a team environment
  • Experience developing and deploying code for enterprise software applications with emphasis on code quality and maintainability
  • In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7
  • Experience working with modern Identity and Access Management (IAM) using SAML and OIDC
  • Experience with network-oriented security tools such as Wireshark, Tshark, tcpdump, Suricata, Snort, or other packet capture/analysis tools

Responsibilities

  • Develop network threat detectors by leveraging rule-based and ML-based detection strategies
  • Reproduce attacks in a lab environment using live tools and recorded PCAP traffic, and perform threat hunts on aggregated log data, in order to identify malicious behaviors and develop techniques to detect them
  • Collaborate with Threat Research and Data Science teams to gain insight on attacker techniques and take advantage of the latest machine learning models to detect attacker behavior
  • Work with infrastructure teams to help develop and improve tools that Detection Engineering and Threat Research teams use in developing and testing detections
  • Mentor and coach other Security Engineers regarding detector development and network threats
  • Actively participate in code review to ensure quality and uplevel other engineers

Preferred Qualifications

  • Proficiency in JavaScript and Python
  • Awareness of current network-based attacks and detection strategies, with a focus on post-exploitation, lateral movement, C2, and exfiltration techniques
  • In-depth knowledge of Windows protocols and attack techniques
  • Experience with threat hunting, purple teaming, and log/traffic analysis

Benefits

  • Health, Dental, and Vision Benefits
  • Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
  • Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
  • FSA and Dependent Care Accounts + EAP, where applicable
  • Educational Reimbursement
  • 401k with Employer Match or Pension where applicable
  • Pet Insurance (US Only)
  • Parental Leave (US Only)
  • Hybrid and Remote Work Model
