Tech Stack
AWS, Azure, Cloud, Docker, Go, Google Cloud Platform, Kubernetes, Linux, Python, SQL
About the role
- Reporting to the Manager of Threat Engineering, you will research and maintain threat detections to identify threats that may affect our customers.
- Participate in Sysdig Threat Research Team activities by conducting impactful research on new detection use cases and developing detection methods
- Help automation efforts as they relate to security content by using scripting languages such as Python
- Develop reports and dashboards to measure the progress of detection efforts
Requirements
- 2+ years of hands-on experience with one of the following: Security operations, EDR, security engineering, or incident response
- Hands-on experience in Linux, including expertise with system calls and in-depth knowledge of Linux internals
- Experience creating threat detections for cloud environments, such as AWS, Azure, or GCP
- Knowledge of Kubernetes, container technologies, and container runtimes (e.g. Docker, containerd, cri-o)
- Experience with SQL and programming languages such as Python or Go, plus using Git for version control and collaborative development
- Experience with or knowledge of Falco, the OSS threat detection tool
- Familiarity with analysing logs or other security artifacts for malicious behaviour to create detection rules
- Comfortable working directly with customers to help improve their experience