Senior Product Security Engineer

at ExtraHop
  • Remote - Worldwide

Remote

Cybersecurity

Senior

Job description

At ExtraHop, we’re on a mission to help organizations achieve complete visibility, real-time threat detection, and proactive security through cutting-edge network detection and response (NDR) technology. Our NDR product is a market leader, providing our customers with the ability to detect, investigate, and respond to threats faster than ever before.

We’re proud of the work we do and the recognition we’ve received, including our recent Gartner Peer Insights award, which reflects the trust and satisfaction our customers have in our solutions.

If you’re passionate about innovation, dedicated to protecting digital infrastructures, and ready to make a real impact, we invite you to join our team and help us shape the future of cybersecurity.

Position Summary

Do you like securing complex cloud services and infrastructure? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Sr. Product Security Engineer, experienced with modern cloud system development and infrastructure-as-code practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success.

We’re looking for candidates with a mix of cloud security, infrastructure security, security information and event management (SIEM) technologies, DevOps, and software development experience, who enjoy working in a collaborative environment and taking direct action to identify, remediate and prevent vulnerabilities and security issues.

You must have experience securing cloud environments and modern computing infrastructure, deploying and operating SIEM tools, and strong familiarity with Infrastructure-as-Code and container technologies.

Key Responsibilities

  • Implement and operate Splunk Cloud Platform and Enterprise Security, including setting up log ingestion from required source systems and ensuring correct parsing and categorization of log events for effective SIEM operations
  • Implement and operate endpoint detection and response (EDR) and network detection & response (NDR) solutions
  • Develop system configuration and hardening standards and coordinate with other teams to ensure compliance with those standards
  • Define standards for secure configuration of application and infrastructure components
  • Perform threat modeling, security design reviews, code reviews, and consultations with other staff
  • Build and improve vulnerability management processes and tooling to support system owners to successfully remediate issues
  • Perform, automate and streamline patching and vulnerability remediation activities
  • Develop and deliver training on cloud security issues, best practices and internal policies
  • Select, implement and manage cloud security tools including cloud security posture management (CSPM), network/host/container/IaC vulnerability scanners and configuration auditing
  • Participate in manual pen testing of new + existing systems
  • Perform and/or lead security investigation and incident response activities
  • Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections

Required Qualifications

  • Bachelor’s degree or equivalent experience in computer science, engineering, or information technology
  • 8+ years of experience in security engineering, software development and/or DevOps, with a focus on securing complex systems and modern cloud infrastructure
  • Strong experience securing AWS cloud platform and services, including the implementation of guardrails using service control policies (SCPs), IaC policies, CSPM, or similar strategies
  • Experience implementing Splunk Enterprise Security to monitor cloud-based systems
  • Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
  • Experience securing cloud-based web applications, APIs, data and infrastructure
  • All R&D Employees will be required to attend 2 mandatory in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each
  • Must be a US citizen or lawful permanent resident (i.e., green card holder) (in order to support restricted access network environments)

Preferred Qualifications

  • Experience securing software-as-a-service (SaaS) and cloud service offerings
  • Experience with meeting FedRAMP, NIST SP 800-53 and similar compliance requirements
  • Experience deploying or managing EDR and NDR solutions (such as ExtraHop RevealX)
  • Experience securing Google Cloud Platform (GCP) and Azure
  • Experience working in a security operations center (SOC) and/or leading security incident response activities
  • Solid knowledge of Kubernetes, Git, Python, Terraform, Ansible, and the use of scripting in support of security automation, CI/CD pipelines

The base salary for this position rages from 136,600 - 180,380 plus bonus + benefits

ABOUT EXTRAHOP

ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. We’re on a mission to protect and propagate trust by revealing the cybertruth, and we partner with every customer, every day, to uncover it. Our Reveal(x) 360 platform is the only network detection and response solution delivering the 360-degree visibility needed to see everything on the network. When organizations have full network transparency with ExtraHop, they can see more, know more, and stop more cyberattacks.

ExtraHop is recognized by leading organizations for both its innovation in the market and its commitment to building a world-class team. We’ve been recognized as a “Customer’s Choice” by Gartner Peer Insights™ Voice of the Customer, and as a Leader in the Forrester Wave®: Network Analysis and Visibility, Q2 2023. ExtraHop has won AI Breakthrough Awards four times (2018-2020, 2023) and our Channel Partner program has received a 5-star rating from CRN for our 2023 Partner Program Guide. Our flagship product, Reveal(x), has received numerous accolades, including a 2022 Edison Award for Cybersecurity.

Employees’ wellbeing is top of mind for the ExtraHop team. Employees and their families will have the option to participate in the following benefits:

  • Health, Dental, and Vision Benefits
  • Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
  • Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
  • FSA and Dependent Care Accounts + EAP, where applicable
  • Educational Reimbursement
  • 401k with Employer Match or Pension where applicable
  • Pet Insurance (US Only)
  • Parental Leave (US Only)
  • Hybrid and Remote Work Model

*Candidates should note that the Company may modify reporting relationships, job titles and compensation, including commissions and benefits, from time to time at its sole discretion, as it deems necessary, with or without prior notice.

We are intentional about our culture, diversity, and inclusion, and we welcome everyone to come ready to participate in contributing to this truly unique environment. At ExtraHop, we believe that the best products, services, and companies are built by strong teams that include a diversity of backgrounds, perspectives, ideas, and experiences. We are committed to supporting and enabling growth and opportunity for every employee at every level. This is the foundation of our success.

We are equally committed to equal employment opportunity, and it is foundational to how we recruit and hire our talented team. Employment is determined based upon capabilities and qualifications without discrimination on the basis of race, color, religion, sex, gender identification and expression, marital status, military status, pregnancy (including but not limited to potential pregnancy and pregnancy-related conditions), sexual orientation, age , national origin, ancestry, citizenship or immigration status, disability ,, genetic information, or any other protected class as established by law.

Our people are our most important competitive advantage, leading the charge cyber criminals and insider threats.

Ready to join us?   #Extrahop #Security #NDR #informationsecurity #cybersecurity #cloudsecurity #infosec #LI-Remote

Share this job:
Please let ExtraHop know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at ExtraHop

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply