Security Engineer (Detection)
Surry Hills, New South Wales, Australia
Rokt
About Rokt
Rokt is the global leader in eCommerce technology, helping companies seize the full potential of every transaction moment to grow revenue and acquire new customers at scale. Live Nation, Groupon, Staples, Lands' End, Fanatics, UrbanStems, GoDaddy, Vistaprint and HelloFresh are among the more than 2,500 leading global businesses and advertisers that are using Rokt's solutions to drive more value through every transaction by offering highly relevant messages to their customers at the moment they are most likely to convert.
With our December 2021 Series E raise of USD$325M, Rokt is expanding rapidly and globally – operating in 14 countries across North America, Europe and the Asia-Pacific region with the largest office in NYC and a major R&D hub in Sydney. With more than 50% year-on-year revenue growth and vibrant company culture, Rokt has been listed in ‘Great Places to Work’ in the US and Australia. Our award-winning culture is guided by our eight core values: Smart with Humility, Conquer New Frontiers, Own the Outcomes, Enjoy the Ride, Force for Good, Raise the Bar, Communicate with Impact, and Disagree then Commit. These values help us attract, engage, and develop the right talent around the globe and ensure we have the right conditions to do our best work. Keen to join a fast-growing company and a vibrant culture? Learn more at rokt.com.
The Rokt engineering team builds best-in-class eCommerce technology that provides personalised and relevant experiences for customers globally and empowers marketers with sophisticated, AI-driven tooling to better understand consumers. Our bespoke platform handles millions of transactions per day and considers billions of data points which gives engineers the opportunity to build technology at scale, collaborate across teams and gain exposure to a wide range of technology. We are expanding rapidly in our major R&D centres in NYC and Sydney. We are passionate about using intelligent systems to improve the transaction moment for retailers everywhere. Come join us and build the future!
About The Role
Rokt is looking for a Security Engineer with a background in security log management, detection and response.
This is a hands-on role where you will design and implement solutions to capture and correlate security related logs and events from Rokt’s Cloud environments and SaaS tools, networks, and endpoints. You will normalize data from different log sources, enrich logs with environmental context and threat intelligence, filter out noise, define threat detection rules and anomaly thresholds, assess user or system behavior against established baselines, and correlate security events from across all of Rokt’s systems.
Responsibilities
- Evaluate the need to capture logs from various sources to a data lake
- Design, build, and maintain code and infrastructure to normalize, filter, and enrich log data
- Manage the CI/CD pipeline for detection and correlation rules, including the development of threat models, codifying, testing and deployment of new rules or user behavior models
- Automate testing and tuning of rules to ensure their ongoing validity and correctness
- Build playbooks to properly triage and respond to security incidents; write code to improve the speed and accuracy of triage and response activities
- Research and evaluate new products and services to improve our detection and response practices; assess business benefits and impacts of proposed solutions
- Manage relationships with relevant business departments, vendors and consultants
- Be on call and able to manage critical issues outside normal work hours
Requirements
- 4+ years of relevant experience building and managing Security Detection Engineering / SIEM solutions in high-volume Cloud-native environments
- Software engineering experience using modern languages (e.g. Golang, Python, Rust)
- Experience working with Cloud-native architectures (e.g. AWS), event streaming (e.g. Kafka, KQL) and data lakes (e.g. Snowflake)
- Good understanding of Linux, MITRE ATT&CK, Kill Chain, Vulnerability Management, TCP/IP and other networking principles
- Understanding of Secure SDLC, CI/CD Pipeline Monitoring and DevOpsSec principles
- Ability to work and think quickly in fast-paced environments
- The mindset of a hacker: you’re always on the lookout to find and close vulnerabilities
Benefits
- Work with the greatest talent in town. Our recruiting process is tough. We hold a high bar because we have a high-performing, high-velocity culture - we only want the brightest and the best.
- Join a community. We believe the best things happen when we come together to solve complex problems and make meaningful connections with each other through interest groups, sports clubs, and social events.
- Accelerate your career. Develop through our global training events, ‘Level Up’ investment, online training courses, and our fantastic people leaders. Take your career to Rokt’speed - Grow your career in our rapidly growing company.
- Take a break. When you work hard, we know you also need to rest. We offer generous time off and parental leave policies, as well as mental health and wellness days for all employees. We also believe taking time off in sync with one another is important. As such, we shut down our offices every year in late December/early January for two weeks, partially sponsored by the company. We also offer a paid Rokt’star Sabbatical for employees who have been with us for 3 years or more.
- Stay happy and healthy. Enjoy catered lunch every day and healthy snacks in the office. Plus join the gym on us! Rokt offers a monthly allowance to use on a gym membership or online fitness classes. We also provide all Rokt'stars access to free 1:1 coaching, therapy and digital mental wellness resources.
- Become a shareholder. All Rokt’stars have stock options. If we succeed, everyone enjoys the upside.
- See the world! Along with our global all-staff events in amazing locations (Phuket, Thailand in January 2020, Hawaii in May 2022), we also offer generous relocation packages for those interested in moving to another Rokt office. We have cool offices in great cities - New York, Sydney, London, Singapore, and Tokyo.
- We believe we are better together. We spend most of our time in the office (most teams are 4 days a week). One week per quarter, you also have the flexibility to work from anywhere.
- We believe in equality. Rokt is an Equal Opportunity Employer and recognises that a diverse workforce is crucial to our success as a business. We would love you to apply for one of our open roles - irrespective of socio-economic status or background, age, gender identity, race, religion, sexual orientation, colour, pregnancy, carer/family responsibilities, national and social origin, political opinion, marital, veteran, or disability status.
Salary Range - $160,000 - $207,500 AUD per year plus equity
Tags: AWS CI/CD Cloud E-commerce Ecommerce Golang Kafka Linux MITRE ATT&CK Monitoring Python R&D Rust SaaS SDLC SIEM Snowflake TCP/IP Threat detection Threat intelligence Vulnerabilities Vulnerability management
Perks/benefits: Career development Equity Fitness / gym Health care Paid sabbatical Parental leave Startup environment Team events Wellness