Staff Security Engineer - Threat Detection
The Reddit Security Intelligence Center (RSIC) is seeking a Staff Security Engineer. This is an opportunity to have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial “can do” view of security. RSIC engineers manage the data pipeline, analyze security threats, build detections, and respond to security events. We value broad and deep technical knowledge, specifically in the fields of data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & infrastructure security.
If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has worked as part of a Computer Security Incident Response Team (CSIRT) and has extensive experience building creative detections, mapping detections to various security models, and deriving actionable intelligence to provide high fidelity alerting. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit’s technical ecosystem (endpoints, cloud, and SaaS).
What You'll Do:
- Identify and implement high-quality detections, playbooks, and solutions that improve Reddit’s detection and response capabilities
- Evaluate the impact of current security trends, advisories, publications, and academic research, coordinating detection and response as necessary
- Make detections actionable and incorporate feedback from incident response across multiple cross-functional teams
- Work alongside and mentor engineers to improve security and reduce risk
- Influence the collection of telemetry and observability spanning sources like endpoints (Mac, Windows, Linux), cloud (AWS and GCP), Kubernetes, and SaaS applications
- Keep your knowledge and skills current with the rapidly changing threat landscape
- Participate in an on-call rotation (high-fidelity detections matter)
What We Can Expect From You:
- 5+ years of demonstrated experience analyzing data, writing detections, and leading security incident response
- Hands-on expertise with Splunk SIEM & SOAR solutions, with deep experience in developing Risk-Based Alerting (RBA)
- Proficient in forming and evaluating threat-hunting hypotheses, and in gathering and coalescing evidence
- Extensive experience with GitOps in threat detection pipelines, and comfortable working on the command line
- Technical depth in one or more specialties including: application security, cloud infrastructure security, digital forensics, malware analysis, threat hunting or some combination thereof
- Strong understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation
- Deep knowledge of various endpoint operating systems, security tools, cloud providers, and architecture designs
- Demonstrated knowledge of security data pipeline architecture designs
- Relevant industry certifications from SANS, SIEM vendors, etc.
- Excellent communication and collaborative skills
- Ability to work with a high degree of autonomy
Benefits:
- Comprehensive Health benefits
- 401k Matching
- Workspace benefits for your home office
- Personal & Professional development funds
- Family Planning Support
- Flexible Vacation (please use them!) & Reddit Global Days Off
- 4+ months paid Parental Leave
- Paid Volunteer time off
This job posting may span more than one career level.
In addition to base salary, this job is eligible to receive equity in the form of restricted stock units, and depending on the position offered, it may also be eligible to receive a commission. Additionally, Reddit offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, and parental leave. To learn more, please visit https://www.redditinc.com/careers/.
To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar stage growth companies. Final offer amounts are determined by multiple factors, including skills, depth of work experience, and relevant licenses/credentials, and may vary from the amounts listed below.