Security Engineer, Insider Threat Detection & Response
OpenAI$260,000 - $405,000/year
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Cloud Security, Cybersecurity, TechnologyIndustries
Requirements
- Direct experience building runtime detection, threat response, malware defense, or threat workflow products (e.g., CDR, runtime CNAPP components, advanced detection engines, FIM platforms, EDR/XDR runtime engines)
- Strong technical depth to credibly partner with cloud security engineers, threat researchers, and backend engineers
- Demonstrated success owning/driving product workstreams end-to-end (roadmap, prioritization, backlog, delivery)
- Strong understanding of modern cloud stacks: Kubernetes, containers, cloud native deployment patterns, plus at least one major cloud (AWS/Azure/GCP)
- 4–5+ years of product management experience building security products (ideally threat detection & response, CDR/EDR/XDR, CNAPP, runtime security, or similar)
- Bias toward measurable outcomes: reducing noise, increasing true positive threat signal, improving operational speed for defenders
- Deep care about shipping what matters, staying current on threat techniques, attacker behavior, and emerging runtime research
- Excellent communication across engineering, research, design, GTM, and customers; ability to simplify highly technical conversations and influence direction through clarity
Responsibilities
- Lead product execution for runtime threat detection across containers, hosts, and cloud environments—from detections to end-to-end threat workflows (reporting to Director, Product Management)
- Manage roadmap for advanced detection outcomes including: FIM, malware discovery, behavioral threat analytics, workload runtime signals, identity-based detections, and active response capabilities
- Partner with engineering and research (threat intel, detection engineering, ML/AI) to ship high-signal detections that materially reduce Mean Time to Detect/Investigate for customers
- Define UX and workflows for SOC, IR, cloud security engineering—minimizing noise, driving actionability, and accelerating containment
- Engage directly with security customers (from hands-on operators to exec stakeholders) to understand modern runtime threat pain and convert it into unique products
- Stay ahead of the threat landscape and ecosystem to ensure runtime engine + detection portfolio is always leading the market
Skills
Product Management
Runtime Threat Detection
Containers
Cloud Security
FIM
Malware Discovery
Behavioral Analytics
Threat Intelligence
Detection Engineering
ML/AI
SOC Workflows
IR Workflows
UX Design
Roadmap Management
Sysdig
Cloud-native security and monitoring solutions
About Sysdig
Sysdig provides security and monitoring solutions specifically designed for cloud-native environments, such as applications running in containers and Kubernetes. Their main products, Sysdig Secure and Sysdig Monitor, help organizations manage security risks, ensure compliance, and maintain the performance of their applications. Clients subscribe to their services on a monthly or annual basis, which allows them to access various tiers of features tailored to their needs, from basic monitoring to advanced incident resolution. Sysdig differentiates itself by focusing exclusively on cloud-native security, catering to a wide range of industries including technology, finance, healthcare, and government. The company's goal is to empower organizations to secure and optimize their applications in complex IT environments, supporting their growth and stability.
San Francisco, CaliforniaHeadquarters
2013Year Founded
$709.6MTotal Funding
SERIES_GCompany Stage
Data & Analytics, Enterprise Software, CybersecurityIndustries
501-1,000Employees
Benefits
Flexible Work Hours
Mental Health Support
Company Equity
Professional Development Budget
Risks
Technological advancements may outpace Sysdig's offerings, risking competitive edge loss.
New cybersecurity startups could dilute Sysdig's market share and pressure pricing.
Reliance on open-source solutions exposes Sysdig to potential vulnerabilities and challenges.
Differentiation
Sysdig uses a unique AI architecture for real-time cloud attack detection.
Open-source Falco enhances Sysdig's runtime threat detection capabilities.
Sysdig's tools integrate security into the DevOps process, supporting DevSecOps practices.
Upsides
Growing demand for cloud-native security boosts Sysdig's market potential.
AI-driven security solutions align with Sysdig's capabilities, enhancing threat detection.
Kubernetes adoption expansion increases demand for Sysdig's specialized security solutions.
Related Jobs
RemoteRemoteStaff Product Manager, AI Security
HackerOne$162,000 - $225,000/year
- Full Time
- Expert & Leadership (9+ years)
RemoteProtective Intelligence & Threat Analyst
OpenAI$140,000 - $225,000/year
- Full Time
- Junior (1 to 2 years)
RemoteStaff Endpoint Security Engineer
Included HealthSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSr. Product Manager II - Linux/Containers/Kubernetes (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteStaff Threat Intelligence Analyst
Huntress$190,000 - $210,000/year
- Full Time
- Senior (5 to 8 years)
RemoteStaff Data Scientist, Consumer
RedditSalary not specified
- Full Time
- Junior (1 to 2 years), Senior (5 to 8 years)
RemoteSenior SOC Engineer
CVS HealthSalary not specified