Threat Detection Engineer

At Sysdig, we believe cloud security isn't a compromise - it's a promise. From the start, our mission has been clear: to help organizations secure innovation in the cloud, the right way.We created Falco, the open standard for cloud threat detection, and continue to lead the cloud security market with runtime insights, open innovation, and agentic Al. Creators of technology trusted by over 60% of the Fortune 500, Sysdig gives teams the real-time clarity to move fast and defend what matters most.Culture matters here. We believe diversity fuels stronger ideas, and open dialogue drives sharper decisions. Recognized as a Best Place to Work and one of Deloitte's fastest-growing companies for the past 5 years, we're here to raise the standard for what cloud security and workplace culture should be.If you have the passion to dig deeper, the desire to challenge convention, and the curiosity to build something better, Sysdig is the right place for you.What You Will DoReporting to the Manager of Threat Engineering, you will research and maintain threat detections to identify threats that may affect our customers.Participate in Sysdig Threat Research Team activities by conducting impactful research on new detection use cases and developing detection methodsHelp automation efforts as they relate to security content by using scripting languages such as PythonDevelop reports and dashboards to measure the progress of detection effortsWhat You Will Bring With You2+ years of hands-on experience with one of the following:Security operations, EDR, security engineering, or incident responseHands-on experience in Linux, including expertise with system calls and in-depth knowledge of Linux internalsExperience creating threat detections for cloud environments, such as AWS, Azure, or GCPKnowledge of Kubernetes, container technologies, and container runtimes (e.g. Docker, containers, cri-o)Experience with SQL and programming languages such as Python or Go, plus using Git for version control and collaborative development.Experience with or knowledge of Falco, the OSS threat detection toolFamiliarity with analysing logs or other security artifacts for malicious behaviour to create detection rules.Comfortable working directly with customers to help improve their experience.What We Look ForPeople being trusted advisors with a customer success mindsetExperience from a startup environmentGrowth and learning mindsetWhen You Join Sysdig, You Can ExpectExtra days off to prioritize your well-beingMental health support for you and your family through the Modern Health appGreat compensation packageWe would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different.Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated.Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.