Incident Detection Engineer

Heard anything about breaches lately? Despite best efforts we keep hearing about them - and anyone working in cybersecurity has some ideas as to why. Every week it seems like there's another story about a company being held for ransom. So how do we solve this issue? We've spent decades trying to figure out how best to do detection and response, so...

Enter Blumira!

We have a platform, a vision, and a team that can turn the tide. By making good security simple and affordable, we can democratize it to help smaller organizations that have been neglected, priced-out, or, simply—failed—by existing solutions. In helping them, we help their customers, and, overall, make the Internet a safer place.

To realize our vision, we're looking for smart and driven team players who want to change security, like you!  You’ll be joining a small team and will help drive a large part of the product. This will mean responsibility, and freedom; risk, and opportunity; anxiety, and exhilaration. You’ll build a lot, learn a lot, and grow a lot as a security and IT professional. The challenge is big, but so is the reward for getting this right. Are you in?

Blumira views the Incident Detection Engineering Team as the defensive security brain center for its Customers. This Team performs research, analyzes data, builds detections, and guides remediation at scale. By supporting the advancement of Blumira’s detection methods and response capabilities through working tightly with Data, Backend, and Frontend Engineering this Team directly impacts the value of Blumira!

When a Customer of Blumira receives an alert it is the responsibility of the Team to not only craft that detection methodology, but also provide a framework for a clear and concise analysis and related playbook. This is done across the entirety of the Blumira platform allowing for broad testing of detection theories with one specific goal in mind; is this important for the Customer to be aware of? 

Blumira and the Incident Detection Engineering Team do not believe in unnecessary noise and believe it contributes no benefit to the industry, the alert must be important and relevant. If you have spent time trying to figure out how to get better operational visibility or that scanning from the internet doesn’t matter against your firewall configuration, this is your Team!

Are (or were!) you a system administrator or architect who wants to apply their experience to identify meaningful operational insights and potential risks in data? Do you want to build networks and environments that are for testing as well as research instead of mission critical 24x7 infrastructures? An Incident Detection Engineer who wants to experiment in environments and automation while approaching IT and Security differently will quickly impact the Incident Detection Engineering team at Blumira.

This role is a unique hybrid that will not only allow for a deep dive into security but also allows for broad experience to be applied to solve a multitude of issues. Blumira ingests well over 100 different types of data ranging from firewalls to cloud APIs and they all require contextual understanding to add value for Blumira customers that leverage those technologies.

Additionally this role is responsible for the building and upkeep of research and testing labs as well as supporting the Incident Detection Security Engineers in their data generation and detection efforts. Understanding classic on-prem implementations as well as Cloud implementations will be paramount in moving quickly to support the organization.

• Working with your teammates, the Director of Engineering, and the CTO to design and manage environments as well as detection and remediation logic in Blumira.
• Building, automating, and experimenting with environments to support your teammates' detection efforts and develop configuration recommendations for visibility into data.
• Supporting the Security Operations, Technical Account Management, and Sales Engineer teams with any inbound inquiries on configuration issues or general setup guidance. 
• Develop standards for device and service configuration of incoming data, working with the Data Ingestion team to ensure that parsing will be successful and the process is repeatable.
• Helping us be better practitioners for the IT community as a whole, ensuring that system administrators and non-security use-cases are addressed as well.

• Your techniques and methodologies that you have built up through years of infrastructure and IT work and excitement to apply them in a unique way.
• A desire to change IT and Information Security holistically with the realization that empathy is paramount to ensure that organizations become more sure.
• You have fought different types of firewalls, systems, and Cloud infrastructure and understand how to develop and apply best practices.
• Your experience with Windows and Active Directory has given you the superpower of questioning the sanity of Microsoft.
• Deeply ingrained know-how having spent time working on either systems, network, or cloud engineering and infrastructure.
• New and fresh ideas that can quickly contribute massively to the Blumira Incident Detection Engineering Team as well as the Customer-base and company as a whole!

• A results-oriented and friendly team of supportive teammates
• A chance to work on novel and exciting technical problems in the InfoSec space
• A flexible work environment that supports working from home including stipend
• Opportunity to have a huge impact as an early hire at a growing security startup
• Opportunity for management and leadership
• Competitive compensation
• Stock equity plan
• Benefits package that includes medical, dental, vision, and life insurance, as well as a company sponsored pre-tax retirement savings program

Salary: 110-130K