Celara builds enterprise software that powers restaurant chains at scale. The Security Engineer will be responsible for enhancing threat awareness and building a visibility layer to monitor internal and external signals across the organization.
Responsibilities:
- Own our threat awareness across every surface
  - Collect, monitor, filter, enrich, and relay external signals: dark web, threat feeds, CVEs, vendor advisories
  - Track what's happening inside: corporate systems, cloud infrastructure, IdP, messaging and communication, endpoints, and application behavior
  - Be the first to know when something looks wrong — and be able to explain it clearly
  - Build a library of business cases for visibility and monitoring, then implement them
- Start with Sumo Logic, grow into Elastic
  - Take ownership of our Sumo Logic SIEM: collectors, pipelines, data quality, and detection logic
  - Work toward integrating our Elastic/APM stack to extend visibility into product and platform behavior
  - Tune signal over noise — don't just ingest everything, make what we have trustworthy
- Build solutions where they don't exist
  - Extract security-relevant data from sources that weren't designed to provide it
  - Write scripts, build pipelines, and create custom solutions when tools don't cover the gap
  - Show daily progress — small improvements compound
- Make visibility actionable
  - Brief leadership regularly on attack surface, unusual activity, and emerging threats
  - Translate technical signals into clear, decision-ready information
  - Identify problems early enough that we can act, not just react
Requirements:
- 3+ years in security engineering, detection engineering, or a hands-on security operations role
- Experience owning a SIEM end-to-end — not just using one
- Comfort with AWS environments and a variety of log sources from cloud to apps to hosts
- Ability to develop automation and scripts and build tooling (Python, Bash, or similar)
- Strong instincts for what matters — you know the difference between noise and signal
- Clear communicator who can brief a non-technical audience on threat posture
- Experience with Sumo Logic or Elastic Stack
- Familiarity with threat intelligence sources, dark web monitoring, or OSINT
- Exposure to product/application telemetry and APM tooling