DevSecOps - Threat Detection & Response

About HashiCorp

HashiCorp is a fast-growing startup that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. We build products to give organizations a consistent way to manage their move to cloud-based IT infrastructures for running their applications. Our products enable companies large and small to mix and match AWS, Microsoft Azure, Google Cloud, and other clouds as well as on-premises environments, easing their ability to deliver new applications for their business.

Engineering at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.

Our Team

We're looking for talented Security Engineers to join our Threat Detection and Response Team. This team helps defend HashiCorp through strategic detection and response across all of our products and enterprise. 

This Position

This person will be responsible for creating the tooling and infrastructure that drives our detection and response pipelines. You will work closely with teams across the company to provide foundation tooling to scale detections across all environments.

As a member of our Threat Detection and Response team, you’ll be responsible for ensuring we have the proper visibility, detections, and operations to protect HashiCorp and our customers.  You will work closely with engineering teams to turn detections into preventions where possible and continue to drive down time to detection and time to remediation across the enterprise.

In this role, you can expect to:

- Research and develop detection rules utilizing an array of tools

- Develop tooling to improve detection and response capabilities

- Be involved with incident response (IR) serving both as a responder and commander and help mature the process

- Improve our current automation and expand our use cases to reduce manual effort during the investigation and IR process

- Contribute to internal tooling that supports our cloud security posture

- Work across security and engineering teams collaborating on efforts to secure our infrastructure and improve the coordination of IR efforts

You may be a good fit for our team if you have experience in some of these areas:

-  You have 2+ years of work experience in threat detection, incident response, threat intelligence, or infrastructure security

- You have programming experience in Python and/or Go to build security tools

- You have familiarity with securing cloud services running in Modern Cloud
  environments

-  You have experience in developing and deploying cloud native applications in
  production

- You have demonstrated technical experience across related security disciplines
  e.g. appsec, intrusion detection and response, network security, infrastructure
  security, etc

- You have the ability to prioritize and track multiple projects in parallel

- You have previous experience working in collaborative security teams.

- You have a background in Threat Detection & Response

- You have experience operationalizing security tooling and infrastructure

- You have experience implementing and scaling security programs in a startup
  environment

-You have experience speaking / publishing in security conferences 

-You have publicly released tools or modules

-You love to build and push the industry to do better

About the Application Process

Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

For more information regarding how HashiCorp collects, uses, and manages personal information, please review our Privacy Policy.