Security Engineer - Argentina

18 hours, 14 minutes ago
Full-time
Mid Level
Artificial Intelligence and Machine Learning
SenseOn

SenseOn provides a consolidated cyber defense system that automates threat detection, investigation, and response, reducing noise and enhancing visibility.

Professional Services
51-250
Founded 2017
$26M raised

Description

  • Author and maintain real-time streaming detection rules compiled from YAML into binary rulesets.
  • Develop batch behavioral detections using parameterised ClickHouse SQL on a seconds-to-minutes cadence.
  • Write ClickHouse aggregations and materialised views that power statistical anomaly baselines.
  • Build and maintain a MITRE-mapped hunting query library for analysts.
  • Map detections precisely to MITRE ATT&CK tactics, techniques, and subtechniques.
  • Instrument detections by measuring false positive rates, defining confidence scores, building test datasets, and owning rule quality.
  • Tune detections against real-world telemetry and investigate why rules fire.
  • Extend the existing LLM-driven rule writing engine to broaden automated detection coverage.
  • Design pipelines where LLMs propose detections from threat intelligence, CVEs, and analyst findings with validation and human approval gates.
  • Create feedback loops and evaluation harnesses for AI-generated detections, including prompt design, pass@k, and FP/TP scoring.

Requirements

  • 3+ years writing detection content such as SIEM rules, EDR detections, YARA, Sigma, or equivalent.
  • Strong working knowledge of MITRE ATT&CK and adversary tradecraft.
  • SQL proficiency, including writing analytical queries and understanding query performance at scale.
  • Hands-on experience using LLMs in a production or engineering context, including prompts, evaluation, and API-based implementations.
  • Python fluency for reading, writing, and debugging detection pipelines, API endpoints, and telemetry processing code.
  • Ability to evaluate AI-generated output critically and build guardrails against hallucinations in security use cases.
  • Clear, precise written communication in English.
  • Experience with ClickHouse or other columnar/OLAP databases is a strong advantage.
  • Familiarity with Protocol Buffers or other binary serialisation formats is a strong advantage.
  • Background in threat hunting, including hypothesis building and operationalising findings into detections, is a strong advantage.
  • Experience designing or contributing to AI evaluation frameworks such as eval harnesses, golden datasets, or pass@k scoring is a strong advantage.
  • Exposure to high-volume network or endpoint telemetry such as DNS, NTLM, Kerberos, process execution, or network flows is a strong advantage.
  • Prior work at a security vendor, MDR, or SOC where detection quality had direct customer impact is a strong advantage.

Benefits

  • Competitive salary.
  • Unlimited holiday allowance.
  • Bi-annual career progression reviews.
  • Learning and development investment, including certifications and conferences.
  • Work MacBook provided.
  • Unlimited access to the latest LLM models for experimentation and research.
  • Equal opportunity employment and a commitment to an inclusive hiring process.
