Working with the Netflix Security Intelligence and Response Team (SIRT) you will tackle unsolved problems in detection and response. We have the opportunity to develop innovative approaches on a modern technology stack including Amazon Web Services and a Software-as-a-Service heavy corporate environment. This is where many companies want to be in five years, and we are solving these problems today.

You will lead the product vision and implementation of a security detection and alerting program at Netflix. You will architect and deliver a platform that enables security teams at Netflix to create automated alert workflows and ensure the health and quality of alerting overall. You will help us avoid the traditional pitfalls of security alerting, and develop novel techniques to advance the state of the art in detection and response.
To be successful you should be familiar with:

Detecting Security Events – creative ideas for detections across a range of platforms (not just Windows clients).
Data Engineering and Data Science – familiar with concepts and common tools for moving and exploiting event and log data. We are targeting Kafka, Flink and Hive, alongside ElasticSearch and many internal tools.
Response Automation – ideas on how to enable a SOCless approach to detection and response. We use Python and some JavaScript for this generally. Experience responding to security events.
Systems Architecture – obtaining a deep understanding of the problem and building a solution. You will likely have to write some glue code in Python or Java.
Product Leadership / Program Management – implementing your vision across teams and stakeholders.