Sr. Security Engineer
Stellar Cyber is a fast-growing cybersecurity company focused on delivering holistic cyberattack protection to organizations while significantly reducing total cost of ownership with its innovative Open XDR (eXtended Detection and Response) platform, based on advanced ML and security technologies. Stellar Cyber has been recognized by Gartner as one of the leading XDR players.
To accelerate our growth, we are seeking a talented Security Engineer specializing in detection to join our cybersecurity team with startup passion, a can-do attitude, and a desire to make an impact, while building a future for themselves and Stellar Cyber. If you are excited to be part of a very fast-growing team with lots of opportunities, Stellar Cyber is a great place to grow your career.
As a Security Engineer, you will play a crucial role in authoring and managing out-of-the-box detection rules shipped with Stellar Cyber’s Open XDR platform, building detection use cases, and making the platform achieve best-in-class detection coverage.
- Research and author detection rules in Sigma format. Your top responsibility will be to create out-of-the-box detection rules for Stellar Cyber’s Open XDR platform. These rules will cover areas such as endpoints (e.g., Windows, Linux), cloud (e.g., AWS, Azure), SaaS (e.g., Microsoft 365, Google Workspace), and network (e.g., DNS metadata).
- Manage and build detection use cases for out-of-the-box detection rules. You will be responsible for organizing detection rules into carefully designed use cases (e.g., with alert types, TTP mappings, informative alert descriptions, etc.) that help Stellar Cyber’s customers understand and act on rule-triggered alerts effectively.
- Continuously evaluate, monitor, and tune the accuracy and efficacy of detection rules. You will be responsible for periodically checking and evaluating the accuracy and efficacy of the detection rules deployed to Stellar Cyber’s customers, and for tuning noisy rules as necessary.
- Collaborate with Product and Engineering teams to release detection rules and detection use cases. Releasing rules is an involved process with multiple considerations, including customer needs, the product roadmap, and engineering feasibility. You will work closely with Product Management, Engineering, and high-value customers to ensure a smooth release process.
- Bachelor’s or Master’s degree in Computer Science or a related field of study, and three or more years of experience in the security industry, are preferred.
- Extensive experience with threat detection, detection tuning, and threat hunting in security operations settings (e.g., with a SIEM product).
- Experience using, managing, and developing Sigma rules, Splunk rules, Elastic rules, and Suricata rules or other IDS rules.
- Comprehensive security knowledge of networking, operating systems (Windows and Linux), web servers, firewalls, proxies, and cloud services (e.g., Azure, AWS, OCI), and the ability to apply this knowledge in detection rule research and authoring.
- Comprehensive knowledge of the MITRE ATT&CK framework, the Cyber Kill Chain, and the Unified Kill Chain, and the ability to apply this knowledge in designing detection use cases.
- Willingness and enthusiasm to keep up with new security trends and threats, as well as related technologies.
- Excellent communication skills, both written and verbal, with the ability to present complex ideas to both technical and non-technical stakeholders.
- Engineering experience with Git, Python, and other programming languages is preferred, as is the ability to work on reasonably sophisticated scripts with engineers on the team to improve efficiency in the rule development process.
We pride ourselves on recognizing our employees. Here are some examples of our benefits program:
- Pre-IPO Stock Options
- Medical, Dental & Vision care
- Employee Assistance Program
- Employee Discount Program
- Life Insurance
- Paid time off
- Referral Program
- Rewards and Recognition Program