SIEM Security Engineer

Summary

Join HashiCorp's Threat Detection and Response Team as a Data Engineer to enhance security across our products and enterprise. You will expand our visibility across major cloud providers, ensuring accurate records of actions performed. This role involves partnering with engineering and stakeholders to define and drive secure environments. Success requires improving tooling and automation as we scale. The team is largely remote, valuing independence and autonomy. HashiCorp embraces diversity and equal opportunity.

Requirements

• 2+ years in an engineering role focused on large scale data collection in the cloud, using cloud-native tooling
• Working knowledge of batch or streaming data processing pipelines
• Collect, Normalize, Tag, Enrich
• Windowing and time series transformation
• Working knowledge of patterns of information retrieval and optimizing query workload
• Developing aggregates, views, summaries, and indices to accelerate access to data
• Profiling query workloads using query planner output or other diagnostic tooling to identify performance bottlenecks
• Profiling resource consumption to optimize expenditure on storage and transit
• Planning, dispatching, and monitoring query workload to ensure on-time delivery of information with optimal use of resources
• Experience working with multiple data query models
• Relational, key-value, graph, document, full-text search
• Maintaining and evolving shared query content through source code management practices
• Natural curiosity and an interest in Threat Detection, Incident Response, Fraud, and/or Threat Intel problem space and the desire to be exposed to and develop these skill areas while serving in a development-focused role
• You have experience taking a periodic on-call rotation in a distributed team
• Publicly released tools or modules or open source contributions

Responsibilities

• Ensure the best practices are implemented across our multi-cloud environment
• Partner with engineering and other stakeholders to define and drive secure by default environments supporting our products and the enterprise
• Continually improve tooling and automation areas

Preferred Qualifications

• Python, Go or experience with other languages and willingness to learn
• Terraform, Vault, Packer
• AWS, GCP, Azure
• AWS EC2, Lambda, Step Functions, ECR/ECS/EKS, S3
• Logging Infrastructure and ETL Pipelines - fluentd, logstash, vector, kafka, kinesis or similar
• CI/CD - Building pipelines involving Jenkins, CircleCI, GH Actions, etc
• Solid foundation of Linux and exposure linux in cloud provider environments

Benefits

Remote work