Linux, Python, Shell Scripting, Splunk, Shell, PowerShell, Analytics, Leadership, Remote Work
About this role
Role Overview
Lead the Onboarding Journey: Take full technical ownership of the customer relationship immediately following the sale, moving them from initial setup to a fully operational production environment.
Architect Data Pipelines: Design and implement complex data ingestion strategies using Gravwell Ingesters, focusing on efficient normalization and parsing.
Detection Engineering: Collaborate with customer security teams to build, test, and deploy advanced queries and alerting logic to identify threats and system anomalies.
Systems Engineering: Provide expert-level guidance on Linux system tuning, storage optimization, and resource management to ensure Gravwell clusters perform at peak efficiency.
Mission Support: Act as the primary technical point of contact for complex troubleshooting, helping customers navigate deep-tier technical hurdles in their environments.
Develop Technical Tooling: Write custom shell scripts, utilities, and automation workflows to streamline deployment and data manipulation tasks.
Feedback Loop: Act as a conduit between the customer and our core Engineering team, translating real-world usage challenges into prioritized product features.
Requirements
3–5+ years in a highly technical role such as Security Engineer, SIEM Administrator, or Site Reliability Engineer (SRE).
Linux Power User: You should be comfortable living in the terminal. Deep knowledge of Linux internals, file systems, and performance tuning is a must.
Scripting & Automation: Proficiency in Shell scripting, Python, or PowerShell for system management tasks.
Detection Mindset: Strong understanding of security frameworks (MITRE ATT&CK) and the ability to translate TTPs into functional search queries and alerts.
Log Mastery: Experience with regex, JSON manipulation, and structured/unstructured data normalization.
SIEM Expertise: Hands-on experience managing or deploying enterprise-grade platforms (e.g., Splunk, Elastic, QRadar, or specialized syslog-ng/fluentd architectures).
Project Leadership: Ability to manage an onboarding timeline and guide multiple stakeholders through a technical mission.
Tech Stack
Linux
Python
Shell Scripting
Splunk
Benefits
Work where your impact is direct, visible, and appreciated.
Full autonomy and trust to solve problems that we may not have known we had.
Flexible remote work setup with a strong support culture.
Access to mission-critical projects and real-world security data.