Security Engineer

Remote

Corelight

Disrupt future attacks with complete network visibility, next-level analytics, faster investigations, and expert threat hunting.


By making evidence the heart of security, we help customers stay ahead of ever-changing cyber-attacks. 

Corelight is the cybersecurity company that transforms network and cloud activity into evidence that elite defenders use to proactively hunt for threats, accelerate response to cyber incidents, gain complete network visibility and create powerful analytics using machine-learning and behavioral analysis tools. Easily deployed, and available in traditional and SaaS-based formats, Corelight is the fastest-growing Network Detection and Response (NDR) platform in the industry. And we are the only NDR platform that leverages the power of Open Source projects in addition to our own technology to deliver Intrusion Detection (IDS), Network Security Monitoring (NSM), and Smart PCAP solutions. We sell to some of the most sensitive, mission-critical large enterprises and government agencies in the world.

Role

In this role you will join a small but growing security intelligence team. We offer broad scope and autonomy, allowing the right candidate to spread their wings and fly. We’re seeking a growth-oriented security engineer who can use their technological skills to make us more efficient and grow into our vision of leveraging knowledge graphs to supercharge security intelligence and operations. We believe in a wholesale rebranding of security operations to security intelligence, ensuring that our outputs provide positive value to the business in the form of fuel for proactive decision making. You will be the tip of the spear with an opportunity to drive data collection, analysis, detection engineering and security control validation.

Job Responsibilities

  • Focus on building analytics workbooks and workflows
  • Focus on data quality and data transformation by working with partner teams to improve observability
  • Focus on detection engineering and alerting, specifically against cloud use cases
  • Report SOC-related metrics via dashboards and/or reports
  • Directly support incident response activities
  • Develop automated processes, including security control validation
  • Develop against our security knowledge graph

Our Ideal Candidate has: 

  • Hands-on knowledge of information security technologies such as incident response, threat hunting, offensive security (red-teaming), security design review, threat modeling, risk analysis, and penetration testing
  • Deep working knowledge of cloud security principles and experience across cloud providers
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge (avoid analysis paralysis)
  • Strong information security risk-based prioritization abilities
  • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
  • Experience working with knowledge graphs and graph databases (Neo4j, Amazon Neptune)
  • Comfort identifying and socializing inefficiency while also presenting solutions
  • Strong creative and analytical thinking skills
  • A heavy bias toward automation and durable processes
  • Experience with data analysis technologies such as Python, Scala, R, Spark, or Jupyter Notebooks
  • Base knowledge of Infrastructure as Code (IaC) solutions like Terraform, Pulumi, or AWS CloudFormation

We are proud of our culture and values - driving diversity of background and thought, low-ego results, applied curiosity and tireless service to our customers and community. Corelight is committed to a geographically dispersed yet connected employee base with employees working from home and office locations around the world. Fueled by an accelerating revenue stream, and investments from top-tier venture capital organizations such as CrowdStrike, Accel and Insight - we are rapidly expanding our team.

Check us out at www.corelight.com


Tags: Analytics Automation AWS Cloud CrowdStrike IDS Incident response Intrusion detection Monitoring Neo4j Network security NSM Offensive security Open Source PCAP Pentesting Python Risk analysis SaaS Scala SOC Terraform

Perks/benefits: Career development Team events

Region: Remote/Anywhere