A career in IBM Software means you'll be part of a team that transforms our customers' challenges into industry-leading solutions. We are an infinitely curious team, always seeking new possibilities and dedicated to creating the world's leading AI-powered, cloud-native software solutions. Our renowned legacy creates endless global opportunities for our network of IBMers. We are a team of deep product experts ensuring exceptional client experiences, with a focus on delivery excellence and an obsession over customer outcomes. This position involves contributing to HashiCorp's offerings, now part of IBM, which empower organizations to automate and secure multi-cloud and hybrid environments. You will join a team managing the lifecycle of infrastructure and security, enhancing IBM's cloud solutions to ensure enterprises achieve efficiency, security and scalability in their cloud journey.
HashiCorp (An IBM Company)
Sr. Threat Detection & Response Engineer
We're looking for talented Threat Detection & Response Engineers to join our Security Operations Team. This team will help defend HashiCorp through strategic detection, response and prevention patterns across all of our products and the enterprise. This person will be responsible for enhancing our detection capabilities through threat research, rule creation and alert investigation, tool development, and collaboration across teams to understand potential threat vectors which cannot be fully prevented.
You will partner with engineering and other stakeholders to define and drive a rapid response program to secure our vast technological footprint supporting our products and the enterprise. Tooling and automation will be key to success as we scale our environments to meet customer demand. Lastly, we can't detect what we can't see, so driving visibility improvements across the company will be key to ensuring the IR function is always equipped with the necessary data to perform its job function.
You may be a good fit:
- Comfortable participating in on-call rotations, handling security alerts and incidents
- Ability to break down complex detection logic and to teach other team members how the detection works, the theory behind it, and what to do when the alert is triggered
- Familiarity with MITRE ATT&CK and researching emerging threats
- Understanding of different types of detection engines and knowing the right tool to leverage at the right time
- Understand how to properly determine scope and impact from an array of multiple alerting systems monitoring both corporate IT and production environments
- Comfortable with the incident response process from triage to closure, providing various levels of support and coordination across multiple teams
Note to Candidates: This is a list of items we think would define a successful candidate, but we encourage you to apply if you feel you are a great match.
- 5+ years of experience in a role performing Threat Detection or Incident Response
- Proficiency in coding with Python or Golang, with a desire to continue to build these skills and contribute to internal tool development
- Understanding of what logs are available and useful for:
  - Linux (production workloads)
  - AWS (primary), GCP, Azure
- Understand how to develop rules utilizing hypothesis-driven detection research, leveraging tools such as:
  - Python
  - Athena, SQL, Presto, etc.
  - Threat intelligence services and OSINT
- CI/CD experience
- Familiarity with common Detection-as-Code or Infrastructure-as-Code deployment processes (Terraform, Sigma)