Role Description As a Security Product Researcher at Corelight, you will collaborate closely with product management, engineering, and network security experts to investigate, design, test, and construct solutions for complex network security challenges. You will play a pivotal role in defining what is achievable for future Corelight products and setting the benchmark for network detection in the cybersecurity landscape. Responsibilities - Turn theory into code with rapid prototyping. - Lead early development initiatives by coding and scripting rapid prototypes (using tools like Zeek, Suricata, and AI/LLMs). - Demonstrate a proven ability to utilize AI, including Large Language Models (LLMs) and agentic systems, for both software development and cybersecurity applications. - Work in close partnership with leaders in product, research, and engineering on the forthcoming generation of network security AI products. - Manage and advance projects from their initial concept to customer deployment and testing. - Harness existing capabilities to find innovative ways to enhance the usability, deployment, and consumption of Corelight products. - Cultivate new product ideas and features, driven by a strong sense of curiosity and a passion for innovation. - Champion innovation within Corelight and its customer base. Qualifications - A strong dedication to our core values: low-ego results, tireless service, and applied curiosity. - 5+ years of experience in agile development within a full-stack environment with demonstrated experience in LLM and agentic AI ecosystems. - A solid grasp of the cybersecurity landscape, with a particular emphasis on network detection and response. - The ability to work autonomously, manage multiple tasks, and iterate on solutions with speed and efficiency. - Understanding of computer networking, including layers 2-7 of the OSI model and their contributions to network operations and security. - A thorough understanding of network security concepts, including encryption, protocol abuse, and patterns of attack. - Understanding of security operations, threat hunting, and incident response procedures. - Customer-centric communication skills for effective interaction both internally and with external stakeholders. Preferred Qualifications - Hands-on experience with Security Information and Event Management (SIEM) systems such as Splunk or Elastic. - A strong background in adopting and utilizing Agile development methodologies and tools. - Exceptional communication skills, with a history of successful collaboration across UX, engineering, and product teams. - Familiarity with data analytics, AI-assisted security decision-making, and automation. - Education: A degree in Computer Science, Cybersecurity, or a related technical field (or equivalent practical experience). Compensation Range $146,000 — $198,000 USD Why Join Us? Fueled by investments from top-tier venture capital organizations such as Crowdstrike, Accel and Insight, Corelight is one of the fastest growing network detection and response platforms in the industry. Our passionate team thrives in a collaborative, inclusive, and geographically distributed culture. We embrace diverse perspectives, neurodiversity, curiosity and low ego results - fostering an environment where every innovator can solve the toughest challenges in cybersecurity and contribute their best work.

• Develop, drive, and implement the overall information security program (goals, objectives, and policies) while establishing departmental goals and priorities to execute on that vision. • Establish a defined, consistent security architecture standard and work with business units to implement technical controls in line with cutting edge best in class security and privacy standards. • Drive domestic and international projects to meet emerging cyber security requirements, data protection and privacy laws. • Implement approved policies and procedures to ensure information security efforts are properly coordinated and in compliance to make recommendations for changes and improvements to reduce the overall security risk. • Monitor and assess the compliance of the organization with information security policies and procedures, while ensuring third-party compliance. • Oversee incident response planning, data loss prevention and remediation of breaches, serving as the focal point for response delivery. • Implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation and perform and/or oversee vulnerability testing. • Coordinate and deliver information security reporting and assessments as required by regulatory agencies, clients, and management. • Work with peers across the company to review customer feedback/ requirements and ensure that security strategy and roadmaps are aligned with the security needs of customers. • Keep current on latest security and privacy legislation, regulations, alerts, and vulnerabilities pertaining to the organization. Conduct continual research to maintain knowledge of technology, customer needs and overall requirements. • Participate in key initiatives and projects to ensure that cybersecurity controls are accounted for early within the project and software development lifecycles. • Work with the division to ensure risk assessments are conducted on high-risk business applications. Provide escalation for high-risk issues arising from those assessments. Ensure remediation plans are tracked to completion.

• Provide strategic leadership on cloud security through the design and delivery of scalable, cloud-native security architectures • Develop and maintain cloud security reference architectures, patterns, and guardrails leveraged across the enterprise • Define and govern cloud security standards, policies, and procedures • Partner with Application Architects, Platform Engineers, and DevOps teams to embed security by design into cloud-native architectures and CI/CD pipelines • Build and maintain cloud security strategic roadmaps • Evaluate cloud platform and infrastructure projects for alignment with security, compliance, and cloud-native best practices • Lead cloud architecture and design reviews • Drive cloud security technology evaluations and proof-of-concept efforts • Partner with vendor management to assess the cloud security posture of existing and prospective vendors and SaaS providers • Lead cloud security assessments for mergers and acquisitions

• Monitor and triage security alerts from SIEM, EDR, and other tools; escalate and respond as needed. • Investigate security incidents, determine root cause, document findings, and develop IOCs to prevent recurrence. • Support escalations from internal employees or customers with security-related concerns. • Assist with security reviews related to infrastructure and system changes. • Build, enhance, and maintain internal security tooling and scripting repositories. • Contribute to the development of detection content, alert tuning, and automation pipelines. • Drive annual security team goals and cross-functional initiatives. • Author and maintain clear, actionable documentation and knowledge bases. • Mentor junior team members and share expertise across the organization. • Participate in a rotating on-call schedule for security operations support.