Requirements
If you are an automation-first engineer who thrives on solving complex forensic puzzles and building resilient systems, you will play a foundational role in our continued growth
Extensive Cyber Experience: 6+ years of professional experience in cybersecurity, specifically focused on detection, incident response, and security automation
Detection as Code Mastery: Proven experience implementing and managing Detection as Code workflows to maintain a modern, scalable security posture
Cloud & Infrastructure Proficiency: Deep technical knowledge of at least one major cloud provider (GCP preferred) and experience securing on‑premise computing environments
Advanced Scripting Skills: Expert‑level proficiency in Python for security scripting, automation, and building custom tooling
Forensic Expertise: Strong background in incident handling and forensic investigations across Unix/Linux, Windows, and Mac endpoints
Infrastructure Tooling: Hands‑on experience with modern infrastructure‑as‑code and container tools, including Terraform, Docker, Kubernetes, and Ansible
Security Observability: Demonstrated ability to build, scale, and manage open‑source security observability solutions and network security at scale
Clearance: Ability to successfully complete and pass a comprehensive background check
(Desirable) AI Integration: Experience or interest in integrating AI and machine learning into automated response workflows to stay ahead of modern attackers
(Desirable) Threat Intel Expertise: Background in integrating complex threat intelligence feeds directly into automated SOAR playbooks
(Desirable) Advanced Certifications: Professional certifications such as GCIA, GCIH, or cloud‑specific security certifications
(Desirable) Specialized Experience: Previous experience working within high‑growth tech environments or companies focused on energy and sustainable infrastructure
(Desirable) Technical Writing: A portfolio of technical blog posts, white papers, or advanced documentation that demonstrates an ability to simplify complex security concepts
What the job involves
As a Staff Security Engineer at Crusoe, you will serve as a primary architect of our defense, safeguarding our customers and our mission to align the future of computing with the future of the climate
In this high‑impact, full‑time role, you will influence our overarching detection strategy by designing, tuning, and validating complex correlation models to stay ahead of an ever‑evolving threat landscape
You will bridge the gap between high‑level strategy and hands‑on execution, building the very technologies that identify and neutralize risks before they manifest
The ideal candidate is a seasoned security expert who balances deep technical mastery in Detection as Code with the leadership presence to mentor peers and partner with cross‑functional teams
You will drive massive projects—from building open‑source security observability at scale to integrating AI into our response workflows—ensuring that Crusoe’s security posture is as innovative as our energy solutions
Detection Strategy & Design: Architect and implement advanced detection mechanisms to proactively hunt for threats across on‑premise and cloud environments (GCP)
Incident Leadership & Forensics: Lead high‑stakes response efforts and forensic investigations, managing everything from initial triage and mitigation to post‑incident stakeholder communication
Detection as Code & Tuning: Manage and refine alerting rules to maximize signal‑to‑noise ratios, utilizing modern workflows to ensure detections are version‑controlled, tested, and scalable
SOAR & Automation: Build and maintain a robust library of automated playbooks and scripts to reduce manual intervention and accelerate our mean time to respond (MTTR)
Security Operations Strategy: Partner with Engineering, Product, and Legal teams to align security operations with organizational goals, ensuring our defense scales with our infrastructure
Operational Excellence: Develop key performance metrics and measurement capabilities to track detection coverage, system performance, and overall residual risk
Documentation & Compliance: Author comprehensive runbooks and standard operating procedures that support our SOC 2 and HIPAA compliance frameworks
Cross‑Functional Mentorship: Act as a technical beacon for the team, providing guidance, training, and strategic thinking to elevate the collective security expertise of the organization