RemoteLeaf Logo
Log in Sign up

Staff Threat Research Engineer

2 weeks, 4 days ago
United States
Full-time
Lead
Research Scientist
Artificial Intelligence and Machine Learning
AWS Azure Cybersecurity GCP Machine Learning PowerShell Python SIEM SOC
Apply Now
Sumo Logic

Sumo Logic

Sumo Logic offers top-tier cloud monitoring, log management, and Cloud SIEM tools for web and SaaS apps, empowering businesses with real-time insights and high-quality software delivery.

Internet Software & Services
251-1K
Founded 2010
View All Jobs 38

Description

  • Conduct applied and original threat research and translate findings into actionable detection logic.
  • Design, build, and refine detection content and validation pipelines with Threat Labs teammates.
  • Test threat detection logic in lab environments against real-world attacker behaviors.
  • Analyze malware, track infrastructure, and use honeypots to uncover novel attacker behaviors.
  • Investigate industry and adversary trends to identify emerging detection opportunities.
  • Maintain and expand Threat Labs’ research lab infrastructure.
  • Collaborate with product management and engineering to scope, prioritize, and improve detection campaigns.
  • Provide practitioner feedback to product and engineering teams to inform feature design and roadmap decisions.
  • Publish research findings, detection logic, and hunting guidance through blogs, talks, open source, and other public contributions.

Requirements

  • 12+ years of cybersecurity experience in roles such as senior/principal SOC analyst, threat hunter, purple team practitioner, incident responder, or detection engineer.
  • Demonstrated ability to turn threat research into actionable detections and incident response outcomes.
  • Experience conducting original or self-directed threat research that produced novel findings and actionable insights.
  • Broad knowledge of multiple technology stacks and curiosity to learn new platforms.
  • Deep experience with major public clouds such as AWS, Azure, or GCP, including cloud-native logs and telemetry.
  • Understanding of AI-targeted attack techniques such as data poisoning, model theft, or prompt injection, with familiarity in MITRE ATLAS.
  • Proven thought leadership through blogs, LinkedIn articles, or conference presentations.
  • Background in the cybersecurity vendor space and experience giving expert feedback to product and engineering teams.
  • Prior customer-facing technical experience in consulting, remote support, or advisory roles.
  • Hands-on familiarity with offensive security tools such as Atomic Red Team, Sliver, or Cobalt Strike.
  • Scripting or automation experience with Python, PowerShell, or similar tools.
  • Experience with Security Orchestration, Automation, and Response (SOAR) technology.
  • Recognized presence or active participation in the security community through X/Twitter, conferences, or open source.
  • Experience applying AI or machine learning to improve efficiency and automation across the detection rule development lifecycle.

Benefits

  • Expected annual base salary of $162,000 to $190,000.
  • Eligibility for bonus or commission plans for certain roles.
  • Access to company benefits offerings.
  • Opportunity to work on agentic AI-powered SIEM and log analytics at a security-focused platform company.
  • Work that contributes to protecting customers and the broader security community.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Block

Security Engineer, Detection & Response - Monitoring & Triage

Block 10K-50K Capital Markets

Block is hiring a Detection and Response Team (DART) security engineer to lead monitoring, triage, and incident response across its endpoints, cloud, identity, SaaS, and product environments.

Australia Full-time Senior Security Engineer
AWS DNS Kubernetes Linux macOS Network Security SQL
0 minutes ago
Klaviyo

Lead Security Engineer, Enterprise Security

Klaviyo 1K-5K IT Services

Klaviyo is hiring a Lead Security Engineer to secure its corporate systems and platforms across SaaS, identity, endpoints, Zero Trust networking, and perimeter defenses in a hands-on technical leadership role.

United States Full-time Lead Security Engineer
$175k-$263k
AWS Azure Cloudflare CrowdStrike GCP OAuth OpenID Connect Secrets Management Terraform Vercel
45 minutes ago
Game Plan Tech

Information System Security Manager (ISSM)

Game Plan Tech Internet Software & Services

Game Plan Tech is seeking an Information System Security Manager to lead security authorization and compliance for classified systems supporting AI capabilities in a fast-moving national security environment.

United States Full-time Senior Security Engineer
Active Directory
45 minutes ago
Klaviyo

Lead Security Engineer, Enterprise Security

Klaviyo 1K-5K IT Services

Klaviyo is hiring a Lead Security Engineer to secure its corporate systems and platforms across SaaS, identity, endpoints, Zero Trust networking, and perimeter security.

United States Full-time Lead Security Engineer
$175k-$263k
AWS Azure Cloudflare CrowdStrike GCP OAuth Secrets Management Terraform Vercel
45 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers