Senior Security Content - Researcher

Foster City, CA /
Product & Research – Security Analytics /
Exempt Full Time
From the CISO to the analyst, Exabeam helps security teams outsmart the odds by adding intelligence to their existing security tools – including SIEMs, XDRs, cloud data lakes and hundreds of other business and security products. Out-of-the-box use case coverage delivers repeatable outcomes. Behavioral analytics allows security teams to detect compromised and malicious users that were previously difficult, or impossible, to find. And alert enhancement and automated timeline creation help overcome staff shortages by minimizing false positives and reducing the time it takes analysts to detect, triage, investigate and respond to incidents by 51 percent. For more information, visit

At Exabeam we collect IT and security logs, detect threats, provide meaningful insights, help track the threats and act on them. It all starts by building a precise understanding of the individual log events.  As a Security Content Engineer, you will be in charge of analyzing the log activity that IT operations generate, and decide how it can be utilized for detection. You will be creating and reviewing the regular expressions to fetch useful information from the logs which is the foundation of the entire Exabeam information model, and be responsible for constantly broadening support for devices and SIEMs. 
You will be embedded in our Security Analytics group, staffed by seasoned Enterprise IT security experts, and work closely with the field organization in supporting the customer requests.
Exabeam ( is a high-growth Security Analytics company with a growing list of very satisfied customers!


    • End-to-end ownership of content projects, ensuring the highest quality and performance
    • Build and execute a development plan, including scoping and prioritizing
    • Define success criteria and objectives
    • Analyze logs and find if they map to the existing framework
    • Validate and articulate security value to field
    • Proactive in identifying and resolving existing issues
    • Audit the CIM compliance and event identification in ingestion pipeline
    • Develop and maintain framework for enforcing compliance
    • Provide technical mentorship to teammates and train new hires.
    • Maintain content documentation


    • University degree or equivalent experience (BS CS is ideal)
    • Deep understanding of security concepts, SIEM, log feeds and associated use cases
    • Knowledge of programming and scripting languages such as Scala, Java, Perl, Python or Shell
    • Experience working with regular expressions
    • Orientation to details and good task coordination skills
    • Excellent communication skills to gather requirements and present proposed solutions
    • Experience with machine learning is a plus
    • Understanding of Mitre techniques and tactics is a plus
Exabeam is privately funded by Lightspeed Venture Partners, Cisco Investments, Norwest Venture Partners, Acrew Capital, Icon Ventures, and investor Shlomo Kramer. For more information visit or follow us on LinkedIn and Twitter.