Reddit
Security Engineer, Threat Detection
Reddit, Seattle, WA
Reddit is a community of communities. It's built on shared interests, passion, and trust and is home to the most open and authentic conversations on the internet. Every day, Reddit users submit, vote, and comment on the topics they care most about. With 100,000+ active communities and approximately 82M+ daily active unique visitors, Reddit is one of the internet's largest sources of information. For more information, visit redditinc.com.
About the Team:
The SPACE (Security, Privacy, And Compliance Engineering) team defends Reddit's employees and compute assets to make Reddit the most trustworthy place for online human interaction. We look for humble experts with a relentlessly resourceful and entrepreneurial "can do" perspective. If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you.
The Opportunity at a Glance:
This is a Threat Detections role within the SPACE Security Intelligence Center. We are incident commanders with product administration experience who analyze security threats, build detections, and respond to security events. We value builders and software engineers with broad and deep technical knowledge, specifically in the fields of insider threat, data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & cloud/infrastructure security. Security is tough, diversity is key, so unique experience is highly valued!
If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has a strong coding background and has worked as part of a Computer Security Incident Response Team (CSIRT). We are looking for those with experience building creative detections and response automations, mapping detections to various security models, and deriving actionable intelligence to provide high fidelity alerting. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit's technical ecosystem (endpoints, cloud, and SaaS).
Location: Remote-friendly within the U.S
Reddit is continuing to grow our teams with the best talent. This role is remote-friendly within the United States. If you happen to live close to one of our physical office locations, our doors are open for you to come into the office as often as you'd like.
Some of our present and future work include:
How You'll Have Impact:
This position has flexibility throughout threat detections and incident response with ample opportunity to dive deeper across a wide scope of work. You will be a major contributor to the creation of new detections during the migration to custom tooling. You will also partner with many teams to onboard new data sources and optimize processes that enable all engineers to contribute to Reddit's Security & Privacy mission.
What You'll Do:
Preferred Skills and Experience:
We offer a robust benefits package including:
Pay Transparency:
This job posting may span more than one career level.
In addition to base salary, this job is eligible to receive equity in the form of restricted stock units, and depending on the position offered, it may also be eligible to receive a commission. Additionally, Reddit offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, and parental leave. To learn more, please visit https://www.redditinc.com/careers/.
To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar stage growth companies. Final offer amounts are determined by multiple factors including, skills, depth of work experience and relevant licenses/credentials, and may vary from the amounts listed below.
The base pay range for this position is:
$164,200-$229,900 USD
Reddit is proud to be an equal opportunity employer, and is committed to building a workforce representative of the diverse communities we serve. Reddit is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at ApplicationAssistance[redacted]
About the Team:
The SPACE (Security, Privacy, And Compliance Engineering) team defends Reddit's employees and compute assets to make Reddit the most trustworthy place for online human interaction. We look for humble experts with a relentlessly resourceful and entrepreneurial "can do" perspective. If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you.
The Opportunity at a Glance:
This is a Threat Detections role within the SPACE Security Intelligence Center. We are incident commanders with product administration experience who analyze security threats, build detections, and respond to security events. We value builders and software engineers with broad and deep technical knowledge, specifically in the fields of insider threat, data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & cloud/infrastructure security. Security is tough, diversity is key, so unique experience is highly valued!
If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has a strong coding background and has worked as part of a Computer Security Incident Response Team (CSIRT). We are looking for those with experience building creative detections and response automations, mapping detections to various security models, and deriving actionable intelligence to provide high fidelity alerting. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit's technical ecosystem (endpoints, cloud, and SaaS).
Location: Remote-friendly within the U.S
Reddit is continuing to grow our teams with the best talent. This role is remote-friendly within the United States. If you happen to live close to one of our physical office locations, our doors are open for you to come into the office as often as you'd like.
Some of our present and future work include:
- Building new and more powerful observability and detections tools
- Migrating log collection and detections from COTS to open source solutions
- Empowering admins and engineers by integrating with existing Reddit tooling to enable robust and distributed detection and response processes
- Promoting Reddit's unique combination of Privacy & Security
- Working across teams to ensure initiatives are greater than the sum of their parts
How You'll Have Impact:
This position has flexibility throughout threat detections and incident response with ample opportunity to dive deeper across a wide scope of work. You will be a major contributor to the creation of new detections during the migration to custom tooling. You will also partner with many teams to onboard new data sources and optimize processes that enable all engineers to contribute to Reddit's Security & Privacy mission.
What You'll Do:
- Develop, enhance, and implement detections
- Build and enhance processes for automating security controls and monitoring at scale
- Analyze security events, and Lead incident response activities, Join the on-call rotation
- Support security initiatives across the organization that harden our infrastructure against attack
- Provide recommendations and support for insider threat programs
Preferred Skills and Experience:
- Strong coder with skills in Go/Python/shell scripts and knowledge of Splunk/SQL/BigQuery/Sigma
- Security Software Engineer with hands-on experience creating threat detections, performing remediation, and leading incident response for an international remote-enabled workforce
- Software Engineer familiar with git and cloud tools like Terraform, Ansible, or associated concepts
- Software Admin or Technical Customer Support Expert with 1+ years managing Security Tools, MacOS, Windows, Linux, &/or Cloud infrastructure
- Security wizard with 3+ years of experience within one or more areas: detections engineering, threat intelligence, endpoint hardening, device management, network/vpn/proxy/zero trust, XDR/EDR, DLP, insider threat processes, email security, forensic analysis, reverse engineering, data engineering, penetration testing
- Human not reliant on ChapGPT to communicate effectively with business representatives, explaining security topics (ELI5)
We offer a robust benefits package including:
- Comprehensive Healthcare Benefits
- 401k Matching
- Workspace benefits for your home office
- Personal & Professional development funds
- Family Planning Support
- Flexible Vacation (please use them!) & Reddit Global Wellness Days
- 4+ months paid Parental Leave
- Paid Volunteer time off
Pay Transparency:
This job posting may span more than one career level.
In addition to base salary, this job is eligible to receive equity in the form of restricted stock units, and depending on the position offered, it may also be eligible to receive a commission. Additionally, Reddit offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, and parental leave. To learn more, please visit https://www.redditinc.com/careers/.
To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar stage growth companies. Final offer amounts are determined by multiple factors including, skills, depth of work experience and relevant licenses/credentials, and may vary from the amounts listed below.
The base pay range for this position is:
$164,200-$229,900 USD
Reddit is proud to be an equal opportunity employer, and is committed to building a workforce representative of the diverse communities we serve. Reddit is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at ApplicationAssistance[redacted]