Threat Operations Engineer

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. We are passionate open source enthusiasts at heart and technical problem-solvers who are continually innovating and delivering powerful solutions to secure cloud-native applications.

We value diverse opinions and open dialogue to spur ideas. We believe in working closely together to achieve our goals, and since our launch, we have been flexible with when and where we work. We’re an international company that understands how to cultivate a strong culture across remote teams. 

And we’re a great place to work too – we’ve been named a “Best Place to Work” by Inc., the San Francisco Business Times and the Silicon Valley Business Journal, and we won six workplace awards from Comparably this year. We have been recognized by Deloitte as one of the 500 fastest-growing organizations for the last four years. 

We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you?

Your Opportunity:

Sysdig is looking for a Threat Operations Researcher to work on cutting edge cloud and cloud-native security. Work with an industry-leading research team to identify the latest security threats in runtime and the cloud. Help us create new tools and services to detect and track cutting-edge adversaries. 

What you will do 

• Create the infrastructure and tools to research novel cloud-based cyber attacks and malicious actor TTPs
• Automate threat research tasks, such as threat intelligence collection, malware analysis, and detection engineering
• Partner with our application and product teams to architect security solutions for containers, Kubernetes, and cloud
• Author content on all aspects of cloud and container security and publish your findings
• Develop security rules and algorithms based on security research and best-practices  

What you will bring with you

• 5 years of cybersecurity experience with knowledge of any of the following: DevOps, DevSecOps, Security Engineering, SOAR, Threat Hunting, Malware Analysis, or Incident Response
• Hands-on experience using security analysis tools like OSINT tools, IaC tools such as Terraform or CloudFormation, GitHub Actions, Helm, or other modern software stack tools
• You’ve deployed and worked with container-based cloud infrastructure, including Docker and/or Kubernetes
• Leveraged any of the major cloud providers – AWS, GCP or Azure as part of your active security research   
• Experience with scripting (Python, Go, etc)  for the purposes of data analysis or automation

Why work at Sysdig?

• We’re a well-funded, fast-growing company that has a large enterprise customer base.
• We have a pragmatic and transparent culture from the CEO down.
• We are leading the cloud security market.
• Our open source tools (https://sysdig.com/opensource/) are widely used and loved by technologists and developers.

When you join Sysdig, you can expect:

• Competitive compensation, including equity opportunities.
• An international culture with employees in more than 40 countries.
• Flexible work arrangements.
• Mental well-being support for you and your family, a wellness alliance, and company-wide recharge days.
• Career growth and development opportunities.

We would love for you to join us! Please reach out even if your experience doesn’t perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career is unconventional.

Sysdig values a diverse workplace and strongly encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.

#LI-JG1

#LI-Hybrid