14 mar
Celara
San Miguel de Tucumán
We build enterprise software that powers restaurant chains at scale. Our systems span cloud infrastructure, distributed platforms, on-premise components, and a growing product ecosystem that processes massive volumes of operational data.nSecurity here is not about checkbox compliance or alert theater. It’s about knowing what’s happening in our systems early enough to matternWhat You'll OwnnnOwn Security Visibility Across the CompanynOwn our Sumo Logic SIEM end-to-end:nnnCollectorsnPipelinesnDetectionsnData qualitynCost vs. value tradeoffsnnnEnsure security telemetry exists across:nnnCorporate systemsnCloud infrastructurenPlatform and product componentsnThird-party vendorsnnnBuild detections only after validating the underlying signal is trustworthy.nThis is not “just writing rules.” You are responsible for whether we can see things at all.nnBuild Product & Platform Telemetry (Hard Problems)nnOur product generates hundreds of millions of events through APM and platform systems — most of which we cannot ingest directly today.nnYou will:nnIdentify what security-relevant signals should existnWork with engineering to find or extract themnDesign creative approaches when:nnnLogs don’t existnData volume is extremenNative tools don’t scalennnBuild custom solutions when necessarynnYou’re not expected to boil the ocean — you are expected to make smart tradeoffs.nImprove Operational Awareness (Beyond Alerts)nnNot everything becomes an alert.nnYou’ll help build visibility into things like:nnPatch and update status across platform componentsnConfiguration driftnRuntime state and exposure windowsnChanges that materially increase risknnMuch of this data exists today only in fragments. Your job is to aggregate, normalize, and make it useful.nTurn External Threats into Internal ActionnnWe monitor:nCVEsnVendor advisoriesnSecurity releasesnDark‑web activity relevant to us and our vendorsnnBut monitoring alone isn’t enough. You’ll:nnQuickly determine applicability to our environmentnCorrelate external signals to internal assetsnDrive investigations, detections, or remediationnHelp shorten the gap between “this exists” and “we’ve responded”nnLead Security Incident ResponsennYou will be the default Incident Commander for security events. That means:nLeading investigations end-to-endnCoordinating across infrastructure, application, and systems teamsnDriving clear decisions and communicationnRunning post‑incident reviews and forcing learnings back into the systemnnIf something happens and no one knows who’s in charge — that’s a failure this role owns.nWhat You Bringnn3+ years in security engineering, detection engineering, or incident responsenHands‑on experience with SIEMs and large‑scale log datanStrong understanding of cloud environments (especially AWS)nExperience investigating across logs, identity, network, and applicationsnAbility to build or automate solutions (Python, scripting, etc.)nStrong communication skills — especially during incidentsnExperience with product telemetry, data engineering, or platform security is a plus.n
📌 Security Engineer – Visibility, Detection & Response (QB - SE - 20250113) (San Miguel de Tucumán)
🏢 Celara
📍 San Miguel de Tucumán
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.