Analyze security tickets to identify detection impact, team pain points, and iterate on detection logic for enhanced accuracy and reduced false positives
Implement an AI-first approach, using it to augment human analysis, improve detection signal-to-noise, and reduce MTTD and MTTR
Deep understanding of macOS and Linux internals, adept at leveraging this knowledge for advanced threat detection, forensic analysis, and system hardening in complex environments
Strong capabilities in Splunk, including developing sophisticated, high-performance SPL queries, and optimizing data models and search efficiency
Practical experience applying AI and machine learning models/techniques to large-scale security datasets for proactive threat hunting, advanced anomaly detection, and intelligent alert triage
Nice to Haves
Competent coding skills (Python preferred) applied to problem-solving, data analysis, and the automation of security tasks and workflows
Experience designing, implementing, and maturing security monitoring and detection strategies within multi-cloud environments (AWS, GCP, Azure), including expertise in cloud-native security services and log sources
What You'll Be Doing
Provide crucial support during critical security incidents, investigating, containing, and remediating threats with the incident response team
Design and execute attack simulation scenarios based on real-world TTPs to test and validate new and existing detection capabilities
Advise internal stakeholders (engineering, product teams) on security topics, offering guidance on OpSec, secure infrastructure design, and risk mitigation
Perks and Benefits
You can choose the working option that suits you: @home, @flex, or @office
A self-starter mentality with a portfolio of independent research, tool development, or contributions to the security community (e.g., blog posts, conference talks, open-source projects)