Job Closed

This listing is no longer active.

Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy.

Senior Security Operations Engineer

Security Operations | Full Time | Remote | Senior | Team 501-1,000 | Since 2017 | H1B Sponsor

Location

United States

Posted

43 days ago

Salary

$128K - $200K / year

Seniority

Senior

Job Description

  • The Security Operations Engineer will be a pivotal member of Cribl’s Information Security team, primarily responsible for strengthening our security posture through robust security operations and advanced threat detection.
  • You will lead security incident management, triage, and investigations, and be instrumental in developing innovative solutions to remediate current threats and proactively prevent future attacks.
  • A key aspect of this role will be designing, implementing, and optimizing detection logic to identify sophisticated threats across our environment.
  • You will partner closely with Product Security, IT, and Legal teams, and report to the Sr. Director, Security Engineering and Operations under the CISO.

Job Requirements

  • Knowledge of and experience working with modern security principles (e.g., security data lakes, detections as code, EDR, zero trust networking, and other security tooling), as well as demonstrated experience with incident response and management
  • Utilize a strong understanding of common attack frameworks (e.g., MITRE ATT&CK) and how to map detections to TTPs
  • Understanding of authentication and authorization schemes such as SAML, OpenID, OAuth2, and SCIM
  • Experience scripting/coding in at least one of the following languages: Python, NodeJS, Ruby, Bash
  • Be the go-to technical subject matter expert on security, compliance, and assurance topics
  • Communicate ideas to technical and non-technical audiences
  • Comfortable with ambiguity, with strong analytical acumen; self-motivated and able to work cross-functionally
  • Experience with SIEM platforms like Panther and their detection capabilities is a plus
  • Familiarity with Wiz and cloud native security tooling for detection in AWS, Azure, or GCP
  • Relevant certifications in cloud security or incident response (e.g., SANS GIAC certifications)
  • Proven experience in developing, deploying, and maintaining detection rules (e.g., Sigma, YARA, Splunk SPL, KQL) across various security platforms

Benefits

  • health, dental, vision, short-term disability, and life insurance
  • paid holidays and paid time off
  • a fertility treatment benefit
  • 401(k)
  • equity
  • eligibility for a discretionary company-wide bonus
