Senior Security Detection Engineer

Working at AtlassianAtlassian can hire people in any country where we have a legal entity. Assuming you have eligible working rights and a sufficient time zone overlap with your team, you can choose to work remotely or return to an office as they reopen (unless it’s necessary for your role to be performed in the office). Interviews and onboarding are conducted virtually, a part of being a distributed-first company.We are looking for a Detection Engineer to join our Detections Program! Atlassian is looking for technical people to help us build and run monitoring/analytics systems. As an Engineer for Detections at Atlassian, you’ll research threat intelligence, malware, and attacker techniques, then apply that research to create detection rules to grow our detection capabilities. You will work with a team of passionate, disciplined Detection Engineers who are developing the mechanisms to detect and respond to potential threats to Atlassian. You will report to the Security Intelligence Manager. You will also partner with the Incident Response team, Security Logging team, and the other security teams at Atlassian to accomplish these goals.We would love for you to be a great developer and data analyst, but more importantly, you must be motivated and love security. You should be comfortable writing code and not depend on third-party products to do your job. You must have an understanding of fundamental security, detection engineering, SIEM solutions, network, system, and application security and have passion and experience creating detection logic using endpoint telemetry. In short, detection writing and coding is a prerequisite, but a strong attitude, a willingness to collaborate, and a passion to learn are requirements.

As a Detection Engineer, you’ll be expected to:

• Research attacker methodologies and techniques to create detection logic to enhance our threat detection coverage
• Tune and test detection logic to reduce false positives and noise
• Evaluate gaps in Atlassian’s existing detection capabilities
• Be a technical resource for the Incident Response team during active response efforts

On your first day, we’ll expect you to have:

• 3+ years experience working in security
• At least one year of experience in writing detections, SIEM rules, or EDR rules
• At least one year of experience in Incident Response
• Expertise in a broad range of security tech, such as threat intelligence, AWS architecture, vulnerability management, ZeroTrust, or IDS
• Proficiency in common regex tasks
• Experience in one of the following database query languages: SPL, Spark SQL, or SQLite
• Contributed to development of detection and alerting pipeline
• Experience in dissecting attacker methodologies and techniques, and communicating these into incremental bodies of work
• Comprehensive understanding of product and infrastructure logs from a security perspective
• Experience building and delivering projects from start to finish

It’s great, but not required, if you have:

• Red team/Offensive Security experience 
• Fluency in programming or scripting languages (i.e. Python, JavaScript, Go, Apache Spark)
• Written code to complete security tasks
• Experience with AWS or similar cloud service platform
• Experience in creating automation scripts using a SOAR platform

More about our team:We want diverse skills so we can all learn from each other and do interesting things; our team doesn’t just click the same buttons over and over. You will work along with the security engineering team – a smart group dedicated to improving the security of our products and engineering practices. We work both independently and in collaboration with development teams as we assess and respond to security issues that might occur with new products and features.Our perks & benefitsTo support you at work and play, our perks and benefits include ample time off, an annual education budget, paid volunteer days, and so much more.About AtlassianThe world’s best teams work better together with Atlassian. From medicine and space travel, to disaster response and pizza deliveries, Atlassian software products help teams all over the planet. At Atlassian, we're motivated by a common goal: to unleash the potential of every team.We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.To learn more about our culture and hiring process, explore our Candidate Resource Hub.