Sr. Engineer - Cloud Posture Detection (Hybrid)

About The Position

Requirements

• United States Citizenship OR Permanent Residency is necessary to retain access to resources for this role (NO Clearance necessary)
• Professional experience in cloud security-related operations and engineering roles, specifically related to threat detection, incident response, and risk management with a focus on cloud security posture management (CSPM, DSPM, or similar)
• Experience with data analytics, including searching large data sets, correlating attributes, interpreting results, extracting insights, and forming data-driven conclusions
• Experience with searching data with analytics tools including Elastic Search, Splunk, or a SIEM
• A working practical knowledge of at least one of the following Cloud Service Providers: AWS, Azure, GCP, OCI
• A practical understanding of industry security standards and control frameworks such as NIST, CISA, CIS, HIPAA, HISTRUST, PCI and others
• Experience developing, deploying, and maintaining code in formalized software development/CICD workflows including the use of BitBucket to manage code deployments
• Familiarity with the Agile methodology for project management
• Strong engineering skills with proficiency in Python, Go, Java, C#, or JavaScript for developing detection content
• Ability to author and run Elastic Search queries and interpret results from large data sets
• Proficient in the English language with strong written and verbal communication skills
• A passion for quality and experience optimizing results
• Ability to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements

Nice To Haves

• Experience writing detection rules with the Open Policy Agent query language, Rego
• Having served in a role focused on Detection Engineering or Cloud Posture/Content Engineering; writing detection rules used by other teams
• Experience with cloud security posture management platforms or tools (CSPM, DSPM, ASPM, or similar)
• Formalized training or certification in cloud computing, including administration, development, engineering, or architecture

Responsibilities

• Perform research into cloud threats, vulnerabilities, and abuses, to determine configuration best practices that can be used to secure cloud services and assets
• Develop and deploy detection rules as code into the FCS product ecosystem
• Write descriptions that customers will use to understand and action alerts generated by these rules
• Work extensively with cloud posture data—analyzing configurations like multi-factor authentication settings, access controls, encryption policies, and other security posture indicators to create detection content

Benefits

• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe
• Health insurance, 401k and paid time off