Sumo Logic is looking to solve the problem of defending multiple organizations and technologies by researching and creating detection content for Sumo Logic Cloud SIEM customers.
Requirements
- Experience sourcing threat detections from research to deployment
- Knowledgeable of multiple technology stacks and willingness to learn new technologies
- Experience working in at least one public cloud (AWS, Azure, GCP)
- Experience analyzing cloud infrastructure log telemetry
- Contributed cybersecurity blogs or LinkedIn posts, and conference talks
- Offensive cybersecurity tool experience (Atomic Red Team, Sliver, Cobalt Strike, etc.)
- Scripting experience (Python, PowerShell, etc.)
Responsibilities
- Research, develop, and test detection rules within lab infrastructure
- Work with product management to identify focus of research and development campaigns
- Maintain and expand threat research lab infrastructure
- Provide practitioner feedback to engineering and product management regarding features and roadmap
- Research industry trends for detection opportunities
- Contribute to the community through blogs, conference talks, open source projects, etc.
- Align with Threat Detection Engineering on content development efforts and deployment
Other
- 8+ years of cybersecurity experience
- Must be authorized to work in the United States at time of hire and for duration of employment
- At this time, we are not able to offer nonimmigrant visa sponsorship for this position
- Experience in a customer-facing technical role (consulting, IT help desk/remote support)
- Established social media presence in the cybersecurity industry/community (Twitter and the like)