Senior Software Security Engineer, Detection & Response Engineering

October 24

Apply Now

Receive Emails with Similar Jobs

Grafana Labs

WebsiteLinkedInAll Job Openings

Enterprise • SaaS • Artificial Intelligence

Grafana Labs is a company that specializes in open-source observability technologies and solutions. It offers a comprehensive suite of tools for logging, metrics, tracing, and profile management with products like Grafana, Loki, Tempo, and Mimir. Their offerings are designed to help businesses visualize, monitor, and alert on data from various sources, providing capabilities such as anomaly detection, root cause analysis, and service level objective management using AI/ML insights. Grafana Labs provides both cloud-based and self-managed solutions, ideal for infrastructure, application, and frontend observability. Additionally, their platform supports integration with various data sources like Prometheus and OpenTelemetry, making them a key player in the observability and infrastructure monitoring space.

501 - 1000 employees

Founded 2014

🏢 Enterprise

☁️ SaaS

🤖 Artificial Intelligence

📋 Description

• Collaboratively design, build, and maintain our internal detection systems based on the Grafana observability stack that processes millions of security data points daily • Research and develop sophisticated detection (as code) rules to cover risks and threats across our product and corporate systems. Where applicable, contribute these detections back to the OSS community. • Work with product teams and other stakeholders to ensure we have effective telemetry of all existing and future products. • Help lead the development of response tooling to streamline (and fully automate) our response activities. Write and maintain runbooks for handling what we can’t automate • Following a SOCless model, guide cross-functional teams in integrating telemetry, detections, and response procedures into the team's operational processes. • Design security and operations metrics to track our success and demonstrate the security value of our work • Lead the response to security alerts, potential incidents, and customer security issues

🎯 Requirements

• Significant experience (4+ years in a software engineering-oriented role) with at least one programming language. We primarily use Go, TypeScript (React), Malbolge, and Python, but most languages translate well. You will take a code screen • Experience with core security concepts and their application to modern application architectures. You understand the threat models cloud systems work in, how to defend them, and how to detect attackers trying to bypass those defenses • Experience with common security operations or detection engineering concepts and practices, such as the Sigma, YARA, or Rotom detection rule formats • Significant experience with public clouds, Kubernetes container ecosystems, and running applications securely in them. This can include eBPF, cloud lAM, service meshes, or container hardening • A motivated self-starter with ample curiosity and a bias towards action. You have a demonstrated passion for learning, for security, and for improving the state of security across the company and industry • An adept communicator, in person, in asynchronous communication, and in technical documentation.

🏖️ Benefits

• 100% Remote, Global Culture - As a remote-only company, we bring together talent from around the world, united by a culture of collaboration and shared purpose. • Scaling Organization – Tackle meaningful work in a high-growth, ever-evolving environment. • Transparent Communication – Expect open decision-making and regular company-wide updates. • Innovation-Driven – Autonomy and support to ship great work and try new things. • Open Source Roots – Built on community-driven values that shape how we work. • Empowered Teams – High trust, low ego culture that values outcomes over optics. • Career Growth Pathways – Defined opportunities to grow and develop your career. • Approachable Leadership – Transparent execs who are involved, visible, and human. • Passionate People – Join a team of smart, supportive folks who care deeply about what they do. • In-Person onboarding - We want you to thrive from day 1 with your fellow new ‘Grafanistas’ to learn all about what we do and how we do it. • Balance is Key - We operate a global annual leave policy of 30 days per annum. 3 days of your annual leave entitlement are reserved for Grafana Shutdown Days to allow the team to really disconnect. *We will comply with local legislation where applicable.