Professional Services Engineer
corelight
Remote
Engineering
Posted 8 days ago
Job Description
<div class="content-intro"><p><strong>Be part of the team that defends the networks the world depends on</strong></p>
<p>Corelight defends the world’s most sensitive networks—from global commerce to national defense—quietly, relentlessly, and with resolve. As cyber threats grow faster and smarter, we serve as the trusted force behind network resilience, putting elite defense within reach.</p>
<p>By transforming digital footprints from physical, virtual, and cloud networks into actionable insights, we empower defenders to illuminate blind spots and stay ahead of an evolving threat landscape. Built on open-source innovations and fueled by industry leading agentic AI technology, Corelight helps teams to detect advanced threats and close cases with unprecedented clarity and precision.</p></div><p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">We are currently seeking a Staff Resident PSE to join our Federal Professional Services team, reporting to the manager of Professional Services. In this role, the main focus is to prepare and validate equipment configurations for new installations, develop content for anomaly and hunt detections, assess the overall health of the Corelight infrastructure at the client’s location. You’re the ideal candidate if you are a strategic thinker with a strong networking and security background, work well independently, and are results-driven.</span></p>
<p><span style="font-family: helvetica, arial, sans-serif; font-size: 12pt;">Key Responsibilities:</span></p>
<ul>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Help customers improve their cybersecurity posture, with a particular focus on process</span><br><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">optimization</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Help investigate incidents</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Educate on Zeek Log use, including as it relates to Corelight Suricata alerts</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Design and implement technical solutions with ecosystem partners (packet brokers,</span><br><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">asset managers, SOAR systems, etc.)</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Implement queries and dashboards in SIEMs - Splunk, Elastic, Humio, etc.</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Influence customers and Corelight teams and be seen as a technical expert</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Conduct network-related testing to ensure Corelight products operate correctly</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Perform validation testing of Corelight products</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Provide ongoing, informal, knowledge transfer</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Collaborate with product management on product features/integrations</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Work with back-end tools like Kafka and Logstash</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Documenting the process for importing of data (MISP, Intel, etc)</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Developing custom content for threat hunting use cases as defined by the customer</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Developing playbooks for SOC/IR workflow automation based on Corelight data</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Ad-hoc (as requested) written summary reports on equipment and security problems</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Technical input to major service outage root cause analysis and corrective action reports</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Leading project status meetings and wrap-up/post-mortem meetings</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Some on-site work required</span></li>
</ul>
<p><span style="font-family: helvetica, arial, sans-serif; font-size: 12pt;">Minimum Qualifications:</span></p>
<ul>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">US Citizen</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">5+ years of experience in cybersecurity (Prior startup experience preferred)</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Extensive experience with a SOC environment</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Zeek/Corelight experience is a plus</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Security and/or Networking related certification(s)</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Demonstrated expertise in Windows/MacOS/Linux/Unix operating systems, IDS/IPS,</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Network administration, firewall configuration, and strong knowledge of TCP/IP</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">SIEM experience (Splunk required, others a bonus)</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Scripting in (some of) Zeek, Bash, Python, Perl, Powershell, etc.</span></li>
<li style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Strong briefing skills; experience interacting with SES/general officer-level management</span></li>
</ul><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p><span data-sheets-root="1" data-sheets-value="{"1":2,"2":"Notice of Pay Transparency:\nThe compensation for this position ranges from $180,000 - $214,000/year and may vary depending on factors such as your location, skills and experience. Depending on the nature and seniority of the role, a percentage of compensation may come in the form of a commission-based or discretionary bonus. Equity and additional benefits will also be awarded."}" data-sheets-userformat="{"2":47361,"3":{"1":0,"3":1},"11":4,"14":{"1":3,"3":1},"15":"Calibri","16":11,"18":1}" data-sheets-formula="=R1C12&TEXT(R[0]C[-4],"#,000")&" - $"&TEXT(R[0]C[-2],"#,000")&R1C13">Notice of Pay Transparency:<br>The compensation for this position may vary depending on factors such as your location, skills and experience. Depending on the nature and seniority of the role, a percentage of compensation may come in the form of a commission-based or discretionary bonus. Equity and additional benefits will also be awarded.</span></p></div><div class="title">Compensation Range</div><div class="pay-range"><span>$124,000</span><span class="divider">—</span><span>$160,000 USD</span></div></div></div><div class="content-conclusion"><p><strong>Why Join Us?</strong> </p>
<p>Fueled by investments from top-tier venture capital organizations such as Crowdstrike, Accel and Insight, Corelight is one of the fastest growing network detection and response platforms in the industry. Our passionate team thrives in a collaborative, inclusive, and geographically distributed culture. We embrace diverse perspectives, neurodiversity, curiosity and low ego results - fostering an environment where every innovator can solve the toughest challenges in cybersecurity and contribute their best work.</p>
<p>We are looking forward to meeting you. Check us out at<a href="https://www.corelight.com"> www.corelight.com</a></p></div>