SIEM Security Engineer

Summary

Join HashiCorp's Threat Detection and Response Team as a Data Engineer to enhance security across our products and enterprise. You will be responsible for expanding visibility across major cloud and SaaS providers, ensuring accurate records of actions performed. Partner with engineering and stakeholders to define and drive secure environments. This role requires strong experience in large-scale data collection, cloud-native tooling, and IaC. Success hinges on improving tooling and automation as we scale. The position is largely remote, requiring independence and autonomy.

Requirements

• 5+ years in an engineering role focused on large scale data collection in the cloud, using cloud-native tooling and Infrastructure-as-Code (IaC)
• Working knowledge of IaC (e.g., Terraform, CDK) and git workflows like Pull Request and CI/CD
• Production experience with batch or streaming data processing pipelines using S3
• Working knowledge of patterns of information retrieval and optimizing query workload using a full-text engine like Elastic, Splunk, Lucene, DataDog, or SumoLogic
• Experience working with multiple data query models (Relational, key-value, graph, document, full-text search)
• Maintaining and evolving shared query content through source code management practices
• Experience in defensive Cyber operations and a desire to develop skillsets for disrupting adversary operations using large-scale data and analytics
• Experience taking a periodic on-call rotation in a distributed team

Responsibilities

• Ensure best practices are implemented across the multi-cloud environment
• Partner with engineering and other stakeholders to define and drive secure by default environments supporting our products and the enterprise
• Continually improve tooling and automation areas
• Expand and mature the approach to delivering visibility across all major cloud and SaaS providers to ensure an accurate record of actions performed across each layer of our technology stacks

Preferred Qualifications

• Strong programming skills in one or more general-purpose languages (Python, Go, Rust, etc.)
• Production deployment experience with one or more infrastructure as code languages (Terraform, AWS CDK)
• Experience with git-based code review, testing, and deployment workflows
• AWS, GCP, Azure
• Logging Infrastructure and ETL Pipelines - fluentd, logstash, vector, kafka, kinesis or similar
• Solid experience deploying, using, and operating Linux in cloud provider environments

Benefits

Remote work