Security Engineer, Threat Detection

About the Team: 

The SPACE (Security, Privacy, And Compliance Engineering) team defends Reddit’s employees and compute assets to make Reddit the most trustworthy place for online human interaction.  We look for humble experts with a relentlessly resourceful and entrepreneurial “can do” perspective. If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you.

The Opportunity at a Glance:

This is a Threat Detections role within the SPACE Security Intelligence Center. We are incident commanders with product administration experience who analyze security threats, build detections, and respond to security events. We value builders and software engineers with broad and deep technical knowledge, specifically in the fields of insider threat, data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & cloud/infrastructure security. Security is tough, diversity is key, so unique experience is highly valued!

If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has a strong coding background and has worked as part of a Computer Security Incident Response Team (CSIRT). We are looking for those with experience building creative detections and response automations, mapping detections to various security models, and deriving actionable intelligence to provide high fidelity alerting. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit’s technical ecosystem (endpoints, cloud, and SaaS).

Location: Remote-friendly within the U.S 

Reddit is continuing to grow our teams with the best talent. This role is remote-friendly within the United States. If you happen to live close to one of our physical office locations, our doors are open for you to come into the office as often as you'd like. 

Some of our present and future work include:

• Building new and more powerful observability and detections tools
• Migrating log collection and detections from COTS to open source solutions
• Empowering admins and engineers by integrating with existing Reddit tooling to enable robust and distributed detection and response processes
• Promoting Reddit’s unique combination of Privacy & Security
• Working across teams to ensure initiatives are greater than the sum of their parts

How You’ll Have Impact:

This position has flexibility throughout threat detections and incident response with ample opportunity to dive deeper across a wide scope of work. You will be a major contributor to the creation of new detections during the migration to custom tooling. You will also partner with many teams to onboard new data sources and optimize processes that enable all engineers to contribute to Reddit’s Security & Privacy mission.

What You’ll Do:

• Develop, enhance, and implement detections
• Build and enhance processes for automating security controls and monitoring at scale
• Analyze security events, and Lead incident response activities, Join the on-call rotation
• Support security initiatives across the organization that harden our infrastructure against attack
• Provide recommendations and support for insider threat programs

Preferred Skills and Experience:

• Strong coder with skills in Go/Python/shell scripts and knowledge of Splunk/SQL/BigQuery/Sigma
• Security Software Engineer with hands-on experience creating threat detections, performing remediation, and leading incident response for an international remote-enabled workforce
• Software Engineer familiar with git and cloud tools like Terraform, Ansible, or associated concepts
• Software Admin or Technical Customer Support Expert with 1 years managing Security Tools, MacOS, Windows, Linux, &/or Cloud infrastructure
• Security wizard with 3 years of experience within one or more areas: detections engineering, threat intelligence, endpoint hardening, device management, network/vpn/proxy/zero trust, XDR/EDR, DLP, insider threat processes, email security, forensic analysis, reverse engineering, data engineering, penetration testing
• Human not reliant on ChapGPT to communicate effectively with business representatives, explaining security topics (ELI5)

We offer a robust benefits package including:

• Comprehensive Healthcare Benefits
• 401k Matching
• Workspace benefits for your home office
• Personal & Professional development funds
• Family Planning Support
• Flexible Vacation (please use them!) & Reddit Global Wellness Days
• 4 months paid Parental Leave
• Paid Volunteer time off