[LATAM] Security Engineer – Visibility, Detection & Response

What You'll OwnOwn Security Visibility Across the CompanyOwn our Sumo Logic SIEM end-to-end:CollectorsPipelinesDetectionsData qualityCost vs. value tradeoffsEnsure security telemetry exists across:Corporate systemsCloud infrastructurePlatform and product componentsThird-party vendorsBuild detections only after validating the underlying signal is trustworthy.This is not “just writing rules.” You are responsible for whether we can see things at all.Build Product & Platform Telemetry (Hard Problems)Our product generates hundreds of millions of events through APM and platform systems — most of which we cannot ingest directly today. You will:Identify what security-relevant signals should existWork with engineering to find or extract themDesign creative approaches when:Logs don’t existData volume is extremeNative tools don’t scaleBuild custom solutions when necessaryYou’re not expected to boil the ocean — you are expected to make smart tradeoffs.Improve Operational Awareness (Beyond Alerts)Not everything becomes an alert.You’ll help build visibility into things like:Patch and update status across platform componentsConfiguration driftRuntime state and exposure windowsChanges that materially increase riskMuch of this data exists today only in fragments. Your job is to aggregate, normalize, and make it useful.Turn External Threats into Internal ActionWe monitor:CVEsVendor advisoriesSecurity releasesDark-web activity relevant to us and our vendorsBut monitoring alone isn’t enough. You’ll:Quickly determine applicability to our environmentCorrelate external signals to internal assetsDrive investigations, detections, or remediationHelp shorten the gap between “this exists” and “we’ve responded”Lead Security Incident ResponseYou will be the default Incident Commander for security events. That means:Leading investigations end-to-endCoordinating across infrastructure, application, and systems teamsDriving clear decisions and communicationRunning post-incident reviews and forcing learnings back into the systemIf something happens and no one knows who’s in charge — that’s a failure this role owns.What You Bring3+ years in security engineering, detection engineering, or incident responseHands-on experience with SIEMs and large-scale log dataStrong understanding of cloud environments (especially AWS)Experience investigating across logs, identity, network, and applicationsAbility to build or automate solutions (Python, scripting, etc.)Strong communication skills — especially during incidentsExperience with product telemetry, data engineering, or platform security is a plus.Why Join Qu?If you’re excited by the idea of:Figuring out what isn’t visibleWorking under real constraintsOwning outcomes instead of tasksMaking security meaningfully better over timeReady to take your career to the next level and help restaurants succeed? Let’s talk!

Apply Now