Threat Detection Engineer (Cybersecurity, Remote)

Job summary

This role focuses on developing and maintaining runtime security policies for Tetragon, a Kubernetes-aware security tool that enhances system security through real-time observability and enforcement using eBPF technology. The engineer will ensure visibility of suspicious activities and protection against emerging threats.

Qualifications

• Minimum of 3 years of experience in threat and/or vulnerability research.
• At least 3 years of experience in developing security detections for diverse environments.
• A minimum of 3 years of experience in Linux system security, including capabilities and LSMs.
• Strong written and verbal communication skills.

Responsibilities

• Create and maintain Tetragon runtime security policies based on threat intelligence and vulnerability disclosures.
• Design frameworks and architectures for customer-friendly policy consumption and security posture understanding.
• Monitor CVEs and threat intelligence to inform policy development.
• Collaborate with software engineers to enhance Tetragon security capabilities.
• Support and deploy Tetragon security policies in production environments, interacting with solution architects and customers as needed.
• Publish content and deliver presentations based on research and findings.

Skills

• Proficiency in eBPF and its security applications is preferred.
• Familiarity with cloud-native ecosystems, including containers and Kubernetes, and their Linux implementations (e.g., cgroups, namespaces).

Education

• Relevant degree or equivalent experience in cybersecurity or a related field.

Tools

• Experience with security monitoring tools and frameworks, particularly in cloud-native environments.