Slack's Security team is seeking a Senior Security Operations Engineer to join their Security Engineering team. The role focuses on threat detection, logging, and remediation within Slack's infrastructure. As part of a dozen-person team of multidisciplinary engineers, you'll work on SecDevOps, write Go and Python, and scale Elasticsearch. The team supports Slack's mission by making people's working lives more secure, taking a systemic approach to security while providing a low-friction, high-impact security model.
The ideal candidate should be passionate about finding IOCs (Indicators of Compromise) and suggesting new detection methods. Experience with APT tradecraft and threat intel is valuable. The role involves working with AWS infrastructure, Elasticsearch/Kibana for metrics and information access, Kafka for data processing, and Google Chronicle for both self-hosted and hosted security solutions.
This position offers the opportunity to work on cutting-edge security challenges, including an eBPF-based detection framework that handles millions of events per second, and to contribute to a team that values creativity, collaboration, and fundamental problem-solving. The role includes on-call responsibilities during working hours and requires a deep understanding of core security concepts such as MFA, Zero Trust, and secure token management.
Join a team that prioritizes maintainable solutions, cross-company collaboration, and an inclusive team ethos. While significant software engineering experience isn't mandatory, an interest in development, operations, and a deep desire to learn are essential. The role offers the latitude to define workstreams and approach engineering problems as an art form, making it perfect for security professionals who want to make a significant impact in a dynamic, fast-growing environment.