[LATAM] Security Engineer – Visibility, Detection & Response
Own Security Visibility Across the Company
- Own our Sumo Logic SIEM end-to-end:
  - Collectors
  - Pipelines
  - Detections
  - Data quality
  - Cost vs. value tradeoffs
- Ensure security telemetry exists across:
  - Corporate systems
  - Cloud infrastructure
  - Platform and product components
  - Third-party vendors
- Build detections only after validating that the underlying signal is trustworthy.
- Identify which security-relevant signals should exist.
- Work with engineering to find or extract them.
- Design creative approaches when:
  - Logs don't exist
  - Data volume is extreme
  - Native tools don't scale
- Build custom solutions when necessary.
You’ll help build visibility into things like:
- Patch and update status across platform components
- Configuration drift
- Runtime state and exposure windows
- Changes that materially increase risk
You'll also track external signals such as:
- CVEs
- Vendor advisories
- Security releases
- Dark-web activity relevant to us and our vendors
For each of these, you'll:
- Quickly determine applicability to our environment
- Correlate external signals to internal assets
- Drive investigations, detections, or remediation
- Help shorten the gap between "this exists" and "we've responded"
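One concrete form of the "correlate external signals to internal assets" step, written here as an added example rather than anything from the posting or the company's own tooling: take an advisory with affected version ranges, match it against an asset inventory, and sort the result so internet-exposed assets come first. The inventory shape, the advisory identifier (ADV-EXAMPLE-0001, not a real CVE), the half-open version ranges and the exposure tiers are all assumptions constructed for the example. Assets whose version is unknown are reported separately instead of being silently treated as unaffected, which is the visibility gap the role exists to close.

```python
"""Added example: correlate a vendor advisory with an internal asset inventory.

Not code from the job posting or the company; all data below is constructed.
"""
import re

# Constructed inventory. A version of None models an asset we have no
# telemetry for yet; it must not be mistaken for "not affected".
INVENTORY = [
    {"asset": "api-gw-01", "product": "openssl", "version": "3.0.12", "exposure": "internet"},
    {"asset": "api-gw-02", "product": "openssl", "version": "3.1.5", "exposure": "internet"},
    {"asset": "web-05", "product": "openssl", "version": "3.0.5-2deb", "exposure": "internal"},
    {"asset": "batch-07", "product": "openssl", "version": None, "exposure": "internal"},
    {"asset": "ci-runner-3", "product": "nginx", "version": "1.24.0", "exposure": "internal"},
]

# Constructed advisory with a hypothetical identifier. Affected ranges are
# half-open [lo, hi): hi is the first fixed version.
ADVISORY = {
    "id": "ADV-EXAMPLE-0001",
    "product": "openssl",
    "affected": [("3.0.0", "3.0.13"), ("3.1.0", "3.1.5")],
}

# Assumed exposure tiers; lower rank is handled first.
EXPOSURE_RANK = {"internet": 0, "partner": 1, "internal": 2}


def parse_version(v):
    """Turn '3.0.12' or '3.0.5-2deb' into a comparable tuple of ints.

    Only the leading dotted-numeric part is used; distro suffixes are dropped.
    """
    m = re.match(r"\d+(?:\.\d+)*", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def in_range(version, lo, hi):
    """True when lo <= version < hi using numeric, not lexical, comparison."""
    return parse_version(lo) <= parse_version(version) < parse_version(hi)


def assess(advisory, inventory):
    """Classify each asset running the advisory's product.

    Returns a dict with three lists of asset names: 'affected', 'unknown'
    (no version recorded) and 'not_affected', each ordered internet-facing
    first, then by name.
    """
    buckets = {"affected": [], "unknown": [], "not_affected": []}
    for item in inventory:
        if item["product"] != advisory["product"]:
            continue  # advisory is about a different product
        if item["version"] is None:
            buckets["unknown"].append(item)
            continue
        hit = any(in_range(item["version"], lo, hi) for lo, hi in advisory["affected"])
        buckets["affected" if hit else "not_affected"].append(item)

    def order(item):
        return (EXPOSURE_RANK.get(item["exposure"], 99), item["asset"])

    return {k: [i["asset"] for i in sorted(v, key=order)] for k, v in buckets.items()}


if __name__ == "__main__":
    result = assess(ADVISORY, INVENTORY)
    print(f"{ADVISORY['id']} against {ADVISORY['product']}:")
    for bucket, assets in result.items():
        print(f"  {bucket:13s} {', '.join(assets) or '-'}")
```

The "unknown" bucket is the part worth keeping when adapting this to real inventory data: an advisory that cannot be evaluated for an asset is an action item (go get the version) rather than a closed question.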
You'll also own incident response, including:
- Leading investigations end-to-end
- Coordinating across infrastructure, application, and systems teams
- Driving clear decisions and communication
- Running post-incident reviews and feeding the learnings back into the system
What we're looking for:
- 3+ years in security engineering, detection engineering, or incident response
- Hands-on experience with SIEMs and large-scale log data
- Strong understanding of cloud environments (especially AWS)
- Experience investigating across logs, identity, network, and applications
- Ability to build or automate solutions (Python, scripting, etc.)
- Strong communication skills, especially during incidents
You'll thrive in this role if you enjoy:
- Figuring out what isn't visible
- Working under real constraints
- Owning outcomes instead of tasks
- Making security meaningfully better over time