Senior Security Engineer
Dremio
Be Part of Building the Future
Dremio is the unified lakehouse platform for self-service analytics and AI, serving hundreds of global enterprises, including Maersk, Amazon, Regeneron, NetApp, and S&P Global. Customers rely on Dremio for cloud, hybrid, and on-prem lakehouses to power their data mesh, data warehouse migration, data virtualization, and unified data access use cases. Based on open source technologies, including Apache Iceberg and Apache Arrow, Dremio provides an open lakehouse architecture enabling the fastest time to insight and platform flexibility at a fraction of the cost. Learn more at www.dremio.com.
About the role
We are looking for a security generalist. You will be driving technical security initiatives for Dremio. You will own different aspects of the Dremio security such as product security, cloud security, detection and response initiatives, security side of compliance efforts with team members sharing the responsibilities.
What you’ll be doing
- Serve as a security expert for the organization
- Join product and cloud security uplift efforts
- Design and implement security automation tools
- Define and drive the roadmap for threat detection and incident response
- Develop and mature Dremio’s incident response playbook
- Run risk assessment and remediation work for the organization
- Participate and respond to security incidents
- Work with various stakeholders to perform root cause analysis for security problems
- Research and evaluate new and emerging security trends, technologies, risks and threat
- Participate in security efforts for compliance such as ISO27001, SOC 2, PCI, etc…
What we’re looking for
- Have 4-6 years of experience working on information security and/or related field
- Understanding of Cloud Infrastructure Security and functioning, experience with CloudTrail, GCP Logging or similar
- Degree in computer science/ related field or equivalent combination of professional development training and experience
- Hands on experience working on configuring and managing tools such as SIEM, syslog, REST API based logging parsers
- Scripting knowledge in Python, Go, Bash, etc…
- Stay up to date on new security issues
- Able to communicate clearly and effectively to various stakeholders
Bonus points if you have
- Education in cybersecurity/computer science or related field
- Knowledge on analyzing large datasets
- Built, managed or worked in a D&R function for an organization
- Information security certifications such as CEH, OSCP, CISM, GIAC, CompTIA Security+
Return to Office Philosophy
Workplace Wednesdays - to break down silos, build relationships and improve cross-team communication, Gnarlies who live within a 1-hour commuting distance (one-way) to a Dremio office come to the office. Lunch catering / meal credits provided in the office and local socials align to Workplace Wednesdays. In general, Dremio will remain a hybrid work environment. We will not be implementing a 100% (5 days a week) return to office policy for all roles.
#LI-JF1
What we value
At Dremio, we hold ourselves to high standards when it comes to People, Thinking, and Action. Our Gnarlies (that's what we call our employees) communicate with clarity, drive accountability, and are respectful towards each other. We confront brutal facts and focus on results while operating with a sense of urgency and building a "flywheel". People who like to jump in and drive momentum will thrive in our #GnarlyLife.
Dremio is an equal opportunity employer supporting workforce diversity. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, age, marital status, protected veteran status, disability status, or any other unlawful factor.
Dremio is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request accommodation due to a disability, please inform your recruiter.
Dremio has policies in place to protect the personal information that employees and applicants disclose to us. Please click here to review the privacy notice.
Important Security Notice for Candidates
At Dremio, we uphold trust and transparency as paramount values in all our interactions with customers, partners, employees, and the general public. We have been targeted by individuals creating fake domains similar to ours to scam prospects and candidates. Please note that all official communications from us will be from an @dremio.com domain. If you suspect you've been targeted by a scam, it's imperative to report the incident to your local law enforcement agencies. For more information about this type of scam, please refer to Dremio's official statement here.