Senior Detection Software Engineer
Operations – Detection Enablement /
Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attack. Our combination of market-defining technology, processes, and expertise are preventing breaches every day. We are completely changing the way security is delivered and setting the new standard for security. If our mission resonates with you, let’s talk!
What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless
Challenges You Will Solve
The Red Canary Detection Validation Engineer fuses an increasingly diverse set of telemetry sources. As a Detection Validation Engineer, you will validate current and future telemetry sources, ensuring they adhere to Red Canary’s high data quality standards. You fill a critical role in developing, testing, and validating that the Red Canary Detection Engine can effectively leverage diverse telemetry and detect the threats our customers face.
Detection Validation enhances the ability of Detection Engineering to quickly innovate and deploy new methods of threat detection by working closely with the Threat Research and Threat Intelligence teams to prioritize functional testing of adversary techniques and relevant data sources. Detection Validation ensures Red Canary’s software and human logic is accurate and capable of consistently delivering high quality detections to our customers.
What You'll Do
- Leverage and iteratively improve internal telemetry testing tools as well as Red Canary’s public adversary technique testing frameworks like AtomicTestHarnesses and Atomic Red Team.
- Design and implement new telemetry testing frameworks.
- Lead and drive internal projects from initial concept through product delivery.
- Work closely with internal and external partners to improve sensor telemetry collection, and identify defects before they affect our customers.
- Test the latest sensor telemetry optics from our partner EDR vendors.
- Work with internal teams to improve detection capabilities and the Red Canary Detection Engine.
- Serve as a “data evangelist” and technical mentor for those wanting to learn more about sensor telemetry.
- Automate and instrument telemetry and attacker testing frameworks to enable high quality detector and telemetry measurements.
What You'll Bring
- You love software engineering and have a strong desire to write code to automate testing and take ownership of a product or feature from concept to launch.
- Strong understanding of adversary techniques and detection engineering principles.
- A preparedness for new challenges as part of a rapidly evolving team and fast growing company.
- Experience working in cloud environments such as Amazon Web Services.
- Knowledge of software testing and validation techniques/frameworks.
- Strong understanding of operating system internals across Windows, Linux, and MacOS.
- The ability to communicate highly technical concepts in a clear, succinct fashion to non-subject matter experts, both verbally and in writing.
- Experience with writing Python, PowerShell, Ruby, or other various scripting languages.
- Experience with compiled languages like Go, Java, .Net.
- A strong understanding of endpoint telemetry/EDR security products.
- Ability to perform data analysis and triage on diverse datasets.
- Experience automating software deployments.
- Familiarity with the mechanics of attack behaviors and MITRE ATT&CK ®.
- Experience working with Continuous Integration and Delivery technologies (e.g CircleCI, Jekins, Gitlab CI), preferred
- Experience managing and deploying code with git/GitHub, preferred
- Knowledge of operating system internals for at least one family of operating systems (Windows, MacOS, Linux), preferred
- Experience deploying workloads in cloud environments like AWS, Azure, GCP, Digital Ocean, preferred
- Experience with infrastructure as code tools like Terraform, Ansible, Packer, AWS CloudFormation, preferred
- Experience working with container technologies like Docker, LXC, Kubernetes, preferred
- Familiar with Attacker behaviors and techniques, preferred
- Prior experience building and maintaining software testing and validation frameworks, preferred
Target base salary range: $150,000 - $175,000 depending on experience + bonus eligibility and equity
Why Red Canary?
Red Canary is where people embody our mission to improve security outcomes for all. People work hard to maintain a culture that encourages authenticity in order to do your best work. Our people are driven and committed to finding the best security outcomes, delivering real and actionable answers, and being transparent along the way.
At Red Canary, we offer a very rich benefits program to our full-time team members so they can focus on their families and improving our customers’ security. For a full list of benefits, please review our Benefits Summary:
Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.