Detection Engineer

🕒 il y a 1 mois

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

GreyNoise Intelligence

Site WebLinkedInTous les Emplois

11 - 50 employés

Fondée en 2017

🔒 Cybersecurity

Cybersecurity

GreyNoise Intelligence est une entreprise qui propose des solutions d'intelligence en temps réel permettant aux équipes de sécurité de gérer et de prioriser les cybermenaces sans être submergées par des alertes de faible priorité. Leur plateforme utilise un réseau mondial de capteurs propriétaires pour filtrer le trafic bénin et se concentrer sur l'identification des activités malveillantes, améliorant ainsi l'efficacité de la gestion des vulnérabilités et soutenant les équipes de chasse aux menaces et les opérations de sécurité. GreyNoise est particulièrement compétent dans l'identification des vulnérabilités zero-day et joue un rôle clé dans la protection des entreprises et des organisations gouvernementales contre les menaces de haut niveau. En se concentrant sur la distinction entre les menaces importantes et le bruit internet bénin, GreyNoise offre des données et des solutions personnalisées qui augmentent la rapidité et la confiance des réponses de sécurité en temps réel.

Description

• Write and tune Intrusion Detection System rules grounded in observed network behavior. • Maintain and improve tag coverage and quality: adding new tags, fixing broken ones, and de-duplicating overlaps. • Maintain benign actor classifications and known-scanner lists so non-malicious traffic is accurately labeled. • Resolve accumulated detection issues that degrade data quality for users and customers. • Use internal CLI tooling to lint, test, and deploy detection rules and tags at scale. • Read and analyze packet captures (pcaps) and related network artifacts during routine validation and debugging. • Validate detections against real traffic and own the trade-offs between false positives and false negatives for individual rules. • Triage a steady stream of inbound detection requests, CVEs, and internal coverage questions. The team processes dozens of new items weekly. • Ensure detections are wired correctly end-to-end: from raw data through rule logic to tag output. • Flag edge cases, collisions, and unexpected behavior in tags or rules for deeper follow-up. • Work closely with researchers to keep them focused on longer-horizon projects. • Communicate clearly about what you are working on, blockers, and trade-offs when priorities shift. • Help sales, support, and customer success get faster, clearer answers on detection coverage questions.

🎯 Exigences

• Demonstrated ability to read and analyze packet captures (pcaps). • Experience writing or maintaining Suricata rules or similar network detection signatures. • Comfortable with high context-switching: moving between tags, rules, pcaps, and internal requests throughout the day. • Strong attention to detail; small mistakes in tags or rules have outsized downstream effects. • Clear, concise written communication, especially when something is broken, ambiguous, or blocked.

🏖️ Avantages

• 💵 Equity in a high-growth, Series-A startup • 👩‍⚕️ 100% covered health, dental, vision, and life plans for all employees • 6️⃣ Competitive 401k employer match of 6%, which is special for a startup. This will be 100% matched and vested from day 1 • 🏖 Flexible paid time off. To encourage time off from work and ensure overall employee health and wellness, GreyNoise strongly recommends each employee to take at least 120 hours of PTO (3 weeks) annually, including at least five consecutive business days • 🌎 Remote-first culture. While we are headquartered in the Washington DC area, we have a distributed workforce -- with the majority of our team working remotely from across the country • 💻 Equipment budget. Every new employee gets an Apple Mac laptop and a $500 stipend for any equipment accessories. • 👼 Paid family leave for all employees. We offer 4 months of paid leave (birth or adoption), plus 2 months of optional unpaid leave, so new parents have time to adjust to the new life (and work) schedule • 📚 Learning & development budget. All employees receive an annual $1,500 towards professional development related to their job function. The stipend can be applied to tuition, books, conferences, and more • 🌴 Company offsites and monthly local hangouts to encourage team bonding