Reddit is a community of communities where people can dive into anything through experiences built around their interests, hobbies, and passions. Our mission is to bring community, belonging, and empowerment to everyone in the world. Reddit users submit, vote, and comment on content, stories, and discussions about the topics they care about the most. From pets to parenting, there’s a community for everybody on Reddit and with over 50 million daily active users, it is home to the most open and authentic conversations on the internet. For more information, visit redditinc.com.
The Reddit Security Intelligence Center (RSIC) is seeking a Lead Threat Detections Engineer. This is an opportunity to have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial “can do” view of security. RSIC engineers manage the data pipeline, analyze security threats, build detections, and respond to security events. We value broad and deep technical knowledge, specifically in the fields of data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & infrastructure security.
If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has worked as part of a Computer Security Incident Response Team (CSIRT) and has extensive experience building creative detections, mapping detections to various security models, and deriving actionable intelligence to provide high fidelity alerting. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit’s technical ecosystem (endpoints, cloud, and SaaS).
What You'll Do:
Identify and implement high-quality detections, playbooks, and solutions that improve Reddit’s detection and response capabilities
Evaluate the impact of current security trends, advisories, publications, and academic research, coordinating detection and response as necessary
Drive actionability to detections and take feedback from incident response across multiple cross-functional teams
Work alongside and mentor engineers to improve security and reduce risk
Influence the collection of telemetry and observability spanning sources like endpoints (Mac, Windows, Linux), Cloud (AWS and GCP), Kubernetes, and SaaS applications.
Keep your knowledge and skills current with the rapidly changing threat landscape
Participate in an on-call rotation (high fidelity detections matter)
What We Can Expect From You:
5+ years of demonstrated experience analyzing data, writing detections, and leading security incident response
Hands-on expertise with Splunk SIEM & SOAR solutions, with deep experience in developing Risk-Based Alerting (RBA)
Proficient in threat hunting hypothesis forming and evaluation, and evidence gathering and coalescence
Technical depth in one or more specialties including: application security, cloud infrastructure security, digital forensics, malware analysis, threat hunting or some combination thereof
Strong understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation
Deep knowledge of various endpoint operating systems, security tools, cloud providers, and architecture designs
Demonstrated knowledge of security data pipeline architecture designs
Relevant industry certifications from SANS, SIEM vendors, etc.
Excellent communication and collaborative skills
Ability to work with a high degree of autonomy
Benefits:
Comprehensive Health benefits
401k Matching
Workspace benefits for your home office
Personal & Professional development funds
Family Planning Support
Flexible Vacation & Reddit Global Days Off
4+ months paid Parental Leave
Paid Volunteer time off
Pay Transparency:
This job posting may span more than one career level.
In addition to base salary, this job is eligible to receive equity in the form of restricted stock units, and depending on the position offered, it may also be eligible to receive a commission. Additionally, Reddit offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, and parental leave. To learn more, please visit https://www.redditinc.com/careers/.
To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar stage growth companies. Final offer amounts are determined by multiple factors including skills, depth of work experience, and relevant licenses/credentials, and may vary from the amounts listed below.
The base pay range for this position is: $145,700 - $218,600.
Reddit is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at ApplicationAssistance@Reddit.com.