Senior Intrusion Detection Engineer
Who We Are
Vultr is on a mission to make high-performance cloud computing easy to use, affordable, and locally accessible for businesses and developers around the world. With 32 cloud data center locations around the world, Vultr has served over 1.5 million customers across 185 countries with flexible, scalable, global Cloud Compute, Cloud GPU, Bare Metal, and Cloud Storage solutions. Founded by David Aninowsky and completely bootstrapped, Vultr has become the world’s largest privately-held cloud computing company without ever raising equity financing.
Simply put, Vultr is committed to providing businesses worldwide with the best price-to-performance of any cloud computing platform. Our global reach of data centers and strategic new partnerships provide the foundation to maximize the impact of our existing services, new product improvements, and releases, which in turn, is a catalyst for your own success. Vultr is taking flight, and this is your opportunity to leave your mark on the future of Cloud Infrastructure!
- A 100% remote work environment + a company-wide get together
- 401(k) plan that matches 100% up to 4% with immediate vesting
- Professional Development Reimbursement of $2,500 each year
- 11 Holidays + Paid Time Off Accrual + Rollover Plan + take off your birthday!
- Commitment matters to Vultr! Increased PTO at 3 year anniversary + 1 month sabbatical at 5 year anniversary + Anniversary Bonus each year
- $500 first year remote office setup + $400 each year following for new equipment
- Monthly internet reimbursement up to $75
- Company paid Calm app subscription
- $50 per month for a gym membership
The Cybersecurity Operations team is a central pillar of our growth strategy, and we are looking for a Senior Intrusion Detection Analyst to help lead the aggregation of ingested data into automated workflows toward incident detection and response management.
You’ll be an SME on logging solutions, incident & event monitoring, threat hunting, DQLs, and task optimization toward alerting. The ideal candidate is a self-driven remote professional with the passion and determination to proactively thwart cyber attacks in daily operations. Our team’s mission is to support Vultr operations by identifying, assessing, communicating, and rectifying threats across the organization. We believe that operational security is at the forefront of a thriving enterprise and are eager to expand our blue-team operations at Vultr, toward the enhancement of our security posture, as a global Cloud Service Provider.
What to expect:
- You will provide oversight as well as perform Intrusion Detection Monitoring and Incident Management Daily Operations and Maintenance Services through the application of intrusion detection monitoring and incident management tools and processes
- You will also be an escalation point for junior analysts as unauthorized, malicious, or anomalous activity is identified
- The senior analyst will assume a lead role on the team performing technical hands-on duties and providing oversight in the following areas:
  - Review audit data, e-mail spam, and network traffic data for irregularities or other indications of real or potential security violations
  - Correlate and analyze security data and events from alert and traffic flow systems
  - Identify potential distributed, long-term, coordinated, low-visibility network-based attacks
  - Identify potential advanced persistent and coordinated threats across multiple platforms
  - Perform tuning and optimization tasks to include sensor rule review and log aggregation/visibility
  - Develop/enhance existing intrusion detection analytics/dashboards/signatures to remain commensurate with evolving cyber threats
  - Investigate all security-related events and incidents involving information systems
  - Create, proofread, and submit formal after-action reports (AARs) on classified security events
Our ideal candidate will have:
- BS Degree with 6+ years of relevant experience, an MS with 4+ years, or 8+ years of experience in lieu of a degree
- Professional experience using centralized logging solutions (SumoLogic, Splunk, Grafana, etc.)
- Willingness to perform a DQL exercise to show proof of proficiency or provide a PoC
- Expert understanding of API host collection, data source correlation, and secure collector maintenance
- Must have a strong foundation working between both on-premise and cloud servers via command
- Professional experience working with information security frameworks, including NIST, ISO 27001/2, SOC2, GDPR, PCI-DSS, & CIS.
$100,000 - $115,000
This salary can vary based on location, years of experience, background and skill set.
Vultr is committed to an inclusive workforce where diversity is celebrated and supported. All employment decisions at Vultr are based on business needs, job requirements, and individual qualifications.
Vultr regards the lawful and correct use of personal information as important to the accomplishment of our objectives, to the success of our operations and to maintaining confidence between those with whom we deal and ourselves. As such the use of various key privacy controls enables Vultr’s treatment of personal information to meet current regulatory guidelines and laws.
Workforce members have the right under US state law where and when applicable and certain other privacy and data protection laws, as applicable, to: fair and equal treatment, knowing what personal data we gather and retain, for what purpose, and the ability to access and/or delete such data. You also have the right to opt out of communications from Vultr and approved third parties at any time.