Associate Security Detection Engineer, Signals Engineering - Remote

Overview

You will join the growing Signals Engineering team at GitLab, responsible for building and maintaining a best-in-class signal development and detection engineering program. If you’re passionate about writing threat detections, hunting for potentially malicious patterns of behavior, and closing detection gaps, this team is for you.

In Short

• Identify MITRE ATT&CK and top threat actor detection gaps.
• Write behavioral detections to close security gaps.
• Use SIEM or data lake platforms like Splunk or Elastic.
• Collaborate with teams to improve security observability.
• Partner with incident response and threat intelligence teams.
• Maintain and build new Detection-as-Code and AI automations.
• Proactive approach to detecting malicious patterns.
• Interest in cloud technologies and AI for detection.
• Focus on behavioral analysis over atomic indicators.
• Experience in SOC or incident response is a plus.

Requirements

• Understanding of the GitLab application.
• SOC, incident response, or detection engineering experience.
• Experience with SIEM or security data lake detection.
• Interest in learning advanced detection capabilities.
• Proactive collaboration with incident response teams.
• Interest in cloud technologies like AWS and GCP.
• Understanding of risk-based alerting and behavior analytics.

Benefits

• Benefits to support your health, finances, and well-being.
• Flexible Paid Time Off.
• Equity Compensation & Employee Stock Purchase Plan.
• Growth and Development Fund.
• Parental leave.
• Home office support.