All roles

Open role

Senior Solutions Architect, CSP (Copy)

Remote · South Korea Full-time

Job Title: Network Infrastructure & Security Engineer (Detection Engineering) Location: Remote (US Only) Travel up to 10–25%, concentrated around customer pilots and detection validation on-site *We cannot sponsor or transfer any visas, of any kind now or in the future (ex. OPT, EAD, H1B, H4, etc.)* Estimated salary range: ​Base: $170,000 to $210,000 ​Expected OTE: $226,000 to $280,000

  • The salary offered for this position will be based on a candidate’s experience and skill demonstrated during interviews and other evaluations

Position Overview Ocient's data engine already ingests and queries full-fidelity network and security telemetry — NetFlow/IPFIX, DNS, authentication, endpoint, and cloud audit data — at petabyte scale, retaining 12–24 months without sampling and querying it in seconds. We're putting that engine to work as the data layer behavioral baselining, threat hunting, and agentic AI detection run against, and we know exactly the kind of engineer it takes to build what runs on top of it. We're hiring a Network Infrastructure & Security Engineer who leads by doing. This is a builder role, not a figurehead or advisory position: you'll be the one writing SQL-based detections, building the datasets and demo environment used to develop and prove them out, and making the calls on network probe and data-collection strategy as we grow. You'll work closely with the Practice Leader and the rest of the Solutions team, but the work happens with you down in the weeds, not above them. customer outcomes.

Responsibilities

  • Write detection logic. Design, write, and maintain SQL-based behavioral detections and anomaly-scoring logic on top of Ocient's engine — lateral movement, C2 beaconing, DNS tunneling, data exfiltration, and low-and-slow attack patterns using rolling 7/30/90-day baselines.
  • Run the technical program day to day. Build, test, tune, and validate detections against real and simulated telemetry, hands-on — not just define requirements for someone else to build.
  • Build the datasets and demo environment. Work with the team building the demo environment to generate the underlying datasets needed to develop and showcase detections and use cases, alongside the broader platform build-out.
  • Make the work reusable. Build detection logic so it generalizes (~90% reusability) across the industries we support — financial services, telecommunications, energy, healthcare, and government — rather than as vertical-specific one-offs.
  • Shape network probe & data collection strategy. Evaluate and help define our approach to high-volume network data capture, including tradeoffs between commercial probes (Gigamon, NetQuest) and lower-cost or open-source alternatives (e.g., Zeek/Suricata-based collection).
  • Keep integrations clean. Make sure detections and enrichment output integrate cleanly with customers' existing SIEM/EDR stack (Splunk, Chronicle, Sentinel, CrowdStrike) so adoption doesn't require a rip-and-replace.
  • Deliver hands-on during customer pilots. Provide hands-on technical delivery during customer proof-of-value pilots — configuring ingestion, tuning baselines, and validating detections against a customer's actual telemetry.
  • Document as you go. Write up detection logic, runbooks, and technical playbooks so the team's detection library is maintainable and transferable as we grow.

Ideal Qualifications

  • 5+ years in network security engineering, detection engineering, or SOC/threat hunting roles, with direct, hands-on experience building detection content — not just consuming or tuning vendor-supplied rules.
  • Strong working experience with network telemetry: NetFlow/IPFIX, DNS logs, and PCAP analysis at scale.
  • Demonstrated experience writing detection logic or correlation content (Sigma rules, SIEM correlation rules, or custom SQL-based detections).
  • Proficiency in SQL and comfort working directly in large-scale data platforms or data warehouses.
  • Familiarity with network probe/sensor technologies (Gigamon, NetQuest, or open-source equivalents such as Zeek or Suricata) and the tradeoffs between them.
  • Solid understanding of the MITRE ATT&CK framework and behavioral/statistical anomaly detection methods (baselining, z-score deviation, peer-group analysis).
  • Experience integrating detection output with SIEM/SOAR/EDR platforms (Splunk, Chronicle, Sentinel, CrowdStrike, SentinelOne, or similar).
  • Comfortable operating independently in a build-from-scratch, startup-within-a-company environment — this role will define as much process as it executes against.

An Exceptional Candidate Will Have

  • Experience with carrier-scale signaling protocols (Diameter, SS7) relevant to telecom security use cases.
  • Scripting/programming ability (Python) for automation, enrichment pipelines, and tooling.
  • Experience with cloud audit log analytics (AWS CloudTrail, Azure Activity Log, GCP Cloud Audit).
  • Experience with OT/ICS telemetry (Modbus, DNP3, IEC 61850) or protocols relevant to critical infrastructure.
  • Active security clearance, or eligibility to obtain one, for future government/defense engagements.

More open positions

Business Operations Specialist

Work from home Full-time role

FirstWord Sales Consultant

Work from home Full-time role

Manager, Engineering - Platform Engineering

Work from home Full-time role

Senior Art Director, Superette

Work from home Full-time role

Sr. Product Manager

Work from home Full-time role

Data Annotation Expert- Remote

Work from home Full-time role

Regulatory Affairs Specialist

Work from home Full-time role

V105- Legal Assistant I

Work from home Full-time role

[Remote] Vice President, Financial Planning and Analysis

Work from home Full-time role

FinOps Analyst - AR, Cash Apps

Work from home Full-time role

Data Entry Specialist – Remote Part‑Time Role Focused on Precision Database Management for careerzynith’s Global Content Platform

Work from home Full-time role

Recruitment Officer - Traineeships (Part-Time)

Work from home Full-time role

Social Media Manager / Content Strategist

Work from home Full-time role

Senior Scientific and Regulatory Affairs Manager (Remote) in Boca Raton, FL

Work from home Full-time role

Hiring Now: Salesforce Developer (Work from Anywhere)

Work from home Full-time role

Senior Technical Fellow – Manufacturing, Affordability & Cost Intelligence

Work from home Full-time role

Remote Special Education Program Director

Work from home Full-time role

[Remote] Experienced Loss Control Consultant - Remote

Work from home Full-time role

[Remote] AI Training Experts - Stockton, US

Work from home Full-time role

Sales Development Representative 2.0 (Chicago/Midwest or New York City/Northeast Based)

Work from home Full-time role

Netflix Remote Jobs(Data Entry) $/25 Hour Hiring Work From Home Jobs

Work from home Full-time role