Security Software Engineer
United States - Remote
Stellar Cyber
Next Gen SIEM Security - Stellar Cyber delivers NG-SecOps, Next Gen SIEM, Network Detection and Response, and an EDR platform along with SIEM security tools. Stellar Cyber is a fast-growing cybersecurity company focused on delivering holistic cyberattack protection to organizations while significantly reducing total cost of ownership with its innovative Open XDR (eXtended Detection and Response) platform based on advanced ML and security technologies. Stellar Cyber has been recognized by Gartner as one of the leading XDR players.
To accelerate our growth, we are seeking a talented Sr./Staff Security Engineer specializing in detection to join our cybersecurity team with startup passion, a can-do attitude, and a desire to make an impact, while building a future for themselves and Stellar Cyber. If you are excited to be part of a very fast-growing team with lots of opportunities, Stellar Cyber is a great place to grow your career.
Position Overview
We are seeking a highly skilled and motivated Security Software Engineer specializing in developing security software features to join our cybersecurity team. As a Security Software Engineer, you will play a crucial role in developing and maintaining the out-of-the-box detection rules and the detection framework shipped with Stellar Cyber’s Open XDR platform, helping the platform achieve best-in-class detection coverage.
Responsibilities
- Research and author detection rules in Sigma format. Your top responsibility will be to create out-of-the-box detection rules for Stellar Cyber’s Open XDR platform. These rules will cover areas where coverage is needed, such as endpoints (e.g., Windows, Linux), cloud (e.g., AWS, Azure), SaaS (e.g., Microsoft 365, Google Workspace), and network (e.g., DNS metadata).
- Manage and build detection use cases for out-of-the-box detection rules. You will be responsible for organizing detection rules into carefully designed use cases (e.g., with alert types, TTP mappings, informative alert descriptions, etc.) that help Stellar Cyber’s customers understand and act on rule-triggered alerts effectively.
- Design, develop, and maintain Stellar Cyber’s rule detection framework. You will be responsible for continuously improving the detection framework that runs the detection rules, for example by adding support for more of the Sigma rule syntax.
- Design, develop, and maintain automation and appropriate CI/CD pipelines for detection rule development, testing, deployment, and other management features deemed necessary to improve the efficiency of working with a large number of rules.
- Continuously evaluate, monitor, and tune the accuracy and efficacy of detection rules. You will be responsible for periodically checking and evaluating the accuracy and efficacy of the detection rules deployed to Stellar Cyber’s customers, and for tuning noisy rules where necessary.
- Collaborate with Product and Engineering teams to release detection rules and detection use cases. Releasing rules is a sophisticated process with multiple considerations, including customer needs, the product roadmap, and engineering feasibility. You will work closely with Product Management, Engineering, and high-value customers to ensure a smooth release process.
Requirements
- Bachelor’s or Master’s degree in Computer Science or a related field of study; three or more years of experience in the security industry is preferred.
- Strong system design and problem-solving skills in designing and implementing microservices, language parsers and compilers, detection engines, etc.
- Three or more years of experience in Python, Java, or Golang, with hands-on experience implementing sophisticated software systems in these languages.
- Experience with threat detection, detection tuning, and threat hunting in security operations settings (e.g., with a SIEM product).
- Experience using, managing, and developing Sigma rules, Splunk rules, Elastic rules, and Suricata rules or other IDS rules.
- Security knowledge of networking, operating systems (Windows and Linux), web servers, firewalls, proxies, and cloud services (e.g., Azure, AWS, OCI), and the ability to apply that knowledge in detection rule research and authoring.
- Knowledge of the MITRE ATT&CK Framework, the Cyber Kill Chain, and the Unified Kill Chain, and the ability to apply that knowledge in designing detection use cases.
- Willingness and enthusiasm to keep up with new security trends and threats, as well as related technologies.
- Excellent communication skills, both written and verbal, with the ability to present complex ideas to both technical and non-technical stakeholders.
Benefits
We pride ourselves on recognizing our employees. Here are some examples of our benefits program:
- Pre-IPO Stock Options
- Medical, Dental & Vision care
- 401(k)
- Employee Assistance Program
- Employee Discount Program
- Life Insurance
- Paid time off
- Referral Program
- Rewards and Recognition Program