RiseMe
LoginSign Up
Cribl logo
Cribl Verified
Observability, Data Management, Cloud Software, SaaS, Big Data

Staff Security & Compliance Engineer

Remote - Australia, United StatesRemoteFull TimeStaffPosted 2 months agoVisa sponsorship available

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

Cribl is seeking a Staff Security & Compliance Engineer to join its Information Security team. This role focuses on enhancing security posture through robust operations and advanced threat detection. Responsibilities include leading security incident management, triage, and investigations, and developing innovative solutions for threat remediation and prevention. The engineer will design, implement, and optimize detection logic, working with SIEM, EDR, and cloud security tools. Collaboration with Product Security, IT, and Legal teams is essential. The position requires scripting skills in Python, NodeJS, Ruby, or Bash, and a strong understanding of common attack frameworks like MITRE ATT&CK. Experience with cloud security and authentication protocols is preferred. This is a remote-first position with potential on-call duties.

Cribl does differently.

What does that mean? It means we are a serious company that doesn’t take itself too seriously; and we’re looking for people who love to get stuff done, and laugh a bit along the way. We’re growing rapidly - looking for collaborative, curious, and motivated team members who are passionate about putting customers first. As a remote-first company we believe in empowering our employees to do their best work, wherever they are.

As the data engine for IT and Security many of the biggest names in the most demanding industries trust Cribl to solve their most pressing data needs. Ready to do the best work of your career? Join the herd and unlock your opportunity.

Why You’ll Love This Role

The Staff Security and Compliance Engineer will be a pivotal member of Cribl’s Information Security team, primarily responsible for strengthening our security posture through robust security operations and advanced threat detection. You will help lead security incident management, triage, and investigations, and be instrumental in developing innovative solutions to remediate current threats and proactively prevent future attacks. A key aspect of this role will be designing, implementing, and optimizing detection logic to identify sophisticated threats across our environment. You will partner closely with Product Security, IT, and Legal teams, and report to the Sr. Director, Security Engineering and Operations under the CISO.

As An Active Member Of Our Team, You Will…

  • Monitor security events and alerting via our security tooling, including MSSP, SIEM, AI, and CSPM tooling, to identify and triage potential threats
  • Design, develop, implement, and maintain high-fidelity detection rules and alerts within SIEM and other security platforms (e.g., EDR, Cloud Security tools) based on threat intelligence, MITRE ATT&CK framework, and identified risks
  • Own the continuous tuning and optimization of existing detection logic to reduce false positives and improve detection efficacy
  • Respond to issues identified by our Cribl employees
  • Act as a security incident response lead, including leveraging and improving detection capabilities during investigations
  • Design, build, and manage security playbooks, incorporating detection engineering best practices
  • Conduct security assessments of corporate assets through vulnerability testing, threat hunts, and purple team activities, with a focus on identifying detection gaps and opportunities
  • Perform both internal and external security reviews of corporate properties e.g., the corporate website and enterprise applications
  • Lead security incident response tabletop exercises
  • Continue to evolve and champion the use of Cribl products in our security tech stack to enhance detection, analysis, and response capabilities
  • Collaborate with threat intelligence teams to integrate new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) into detection strategies
  • Partner cross-functionally with Product Security, IT, and Legal teams to strengthen overall security posture
  • This position will require stand-by, on-call, or off-hours duties

    • If You’ve Got It - We Want It

  • Provide knowledge and experience in working with modern security principles e.g. SIEM, security data lakes, detections as code, EDR, zero trust networking, and other security tooling, as well as demonstrated experience with incident response and management
  • Utilize a strong understanding of common attack frameworks (e.g., MITRE ATT&CK) and how to map detections to TTPs
  • Understanding of authentication and authorization schemes such as SAML, OpenID, OAuth2, and SCIM
  • Experience scripting/coding in at least one of the following languages: Python, NodeJS, Ruby, Bash
  • Proven ability to act as a technical subject matter expert on security, compliance, and assurance topics
  • Communicate ideas to technical and non-technical audiences
  • Comfortable with ambiguity, have a strong analytical acumen, self-motivated, able to work cross-functionally
  • We are a remote-first company and work happens across many time-zones – you may be required to occasionally perform duties outside your standard working hours
  • Experience with SIEM platforms like Panther is a plus and its detection capabilities
  • Familiarity with Wiz and cloud native security tooling for detection in AWS, Azure, or GCP
  • Relevant certifications in cloud security or incident response (e.g., SANS GIAC certifications)
  • Proven experience in developing, deploying, and maintaining detection rules (e.g., Sigma, YARA, Splunk SPL, KQL) across various security platforms

    • #LI-GV1#LI-Remote

    Bring Your Whole SelfDiversity drives innovation, enables better decisions to support our customers, and inspires change for the better. We’re building a culture where differences are valued and welcomed, and we work together to bring out the best in each other. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

    Interested in joining the Cribl herd? Learn more about the smartest, funniest, most passionate goats you’ll ever meet at cribl.io/about-us.

    Ready to apply?
    You'll be redirected to Cribl's application page.

    Similar roles