Job Description
As an active member of the team, you will work with modern security principles, including security data lakes, detection as code, EDR, and zero trust networking. Proven experience developing, deploying, and maintaining detection rules (e.g., Sigma, YARA, Splunk SPL, KQL) across multiple security platforms is essential, along with a strong understanding of common attack frameworks (e.g., MITRE ATT&CK). Responsibilities include monitoring security events, developing high-fidelity detection rules, continuously tuning them to reduce false positives, and acting as a security incident response lead. You will also enhance security playbooks, conduct security assessments, and collaborate with threat intelligence teams.
About Cribl
Cribl is a remote-first company that empowers employees to do their best work and is trusted to solve the most pressing data needs for IT and Security.