We’re on a mission to make knowledge work faster and more humane. We believe that AI will fundamentally transform how people work. In the future, everyone will work in tandem with expert AI assistants who find knowledge, create and synthesize information, and execute work. These assistants will free people up to focus on the higher-level, creative aspects of their work.
We’re building a system of intelligence for every company in the world. On the surface, you can think of it as Google + ChatGPT for the enterprise. Under the hood, our platform is the connective tissue between AI and knowledge. It brings all of a company’s knowledge together, understands it at a deep level, provides industry-leading search relevance over it, and connects it to generative AI agents and applications.
Glean was founded by a seasoned team of former Google search and Facebook engineers who saw a need in the enterprise space for their technical depth and passion for AI. We’re a diverse team of curious and creative people who want to help each other get big things done—so we can help other teams do the same.
We're backed by some of the Valley's leading venture capitalists—including Sequoia, Kleiner Perkins, Lightspeed, and General Catalyst—and have assembled a world-class team with senior leadership experience at Google, Slack, Facebook, Dropbox, Rubrik, Uber, Intercom, Pinterest, Palantir, and others.
Role:
Glean is looking for a highly skilled and motivated SOC Analyst/threat detection engineer to join our team. We are looking for someone with an uncanny ability to sift through mountains of data to uncover hidden threats. The ideal engineer will use automation that scales to help collect, analyze, action and support the remediation of threats.
What you will do and achieve:
- You will collect, parse, and analyze logs from diverse sources, transforming data into actionable insights.
- You will proactively hunt for malicious activity across our environment. To scale, you will build and maintain tools/automations to hunt for anomalies, identify potential compromises, and execute runbooks to support rapid detection, triage, analysis, and response.
- You will go beyond responding to and analyzing events to communicating the appropriate context and insight to risk decision makers, prioritizing findings, and recommending remediation strategies.
- You will stay current with the evolving threat landscape by actively participating in training, research, and the security community.
Who you are
- You have a bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). A master's in Information Security is a big plus.
- You have 7+ years of experience in Security.
- You have a strong understanding of SIEM and SOAR platforms (e.g., Splunk, ELK Stack, Palo Alto Cortex XSOAR).
- You have experience with cloud security tools in GCP and AWS.
- You are proficient in scripting languages like Python and Bash.
- You are excellent at understanding and solving complex and ambiguous problems and constantly seek improvement.
Key knowledge and skills
- You thrive in a customer-focused, tight-knit and cross-functional environment - a team player and willing to take on whatever is most impactful for the company.
- You are proactive and have a positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features.
- You have knowledge of threat intelligence platforms and methodologies.
We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.