← Back to jobs
Fastly
Fastly

Senior CSOC Engineer

engineeringfull-timeNew York City, NY; San Francisco, CA
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
general
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

CSOC Engineer - Security Automation

Fastly is seeking a Security Automation Engineer for our Customer Security Operations Center (CSOC) team, where you'll help design, operate, and evolve the internal security platform and tools that enable our Security Analysts to keep our customers safe.

Day to day, you'll work across the entire stack of our bespoke SIEM and SOAR platform - designing systems, writing production-grade code, and shipping features that have a direct impact on how we protect our customers. You'll work closely with our Security Analysts to deeply understand their challenges, then develop automated security workflows that solve those problems, ensuring the right information is presented at the right time. You'll spot inefficiencies in how we detect and respond to security incidents, and build the tools to eliminate them.

What You'll Do

  • Design, develop, and refactor our custom internal security platform across both the backend (FastAPI) and frontend (React)
  • Partner with security analysts to turn manual workflows into automated, reliable processes
  • Integrate and operationalise AI/ML utilities (such as LLMs) into our security platform to assist analysts with threat investigation and incident summarisation.
  • Work with our infrastructure in GCP, using Kubernetes for orchestration and Terraform for resource management
  • Leverage our monitoring and alerting tools (Prometheus/Grafana) to detect failures early and maintain high availability across the internal security platform the team owns
  • Build and maintain API integrations that connect our detection tools, ticketing systems, and customer environments
  • Champion code quality through code reviews, testing practices and CI/CD pipelines.

What We're Looking For

  • At least 3 years building and shipping software in a production environment
  • Solid proficiency in Python, JavaScript and/or Golang.
  • Hands-on experience with Docker, Kubernetes, and cloud providers (we use GCP)
  • You know when to build a complex system and when a simple solution is the right call. You care about testing, code quality and monitoring your applications.
  • You can explain technical trade-offs clearly and collaborate effectively with a distributed team across time zones.
  • Experience guiding and coaching team members, helping others grow alongside you
  • You pick up new skills quickly and share what you've learned with the broader team

We'll Be Super Impressed If You Have Experience In Any Of These

  • Building or maintaining a custom SIEM or SOAR platform
  • Deploying and operationalising Machine Learning models or Large Language Models (LLMs) in production environments
  • Working with Event-driven architectures or message queues (e.g. Kafka, Pub/Sub)
  • Previous experience as a security analyst or in a security operations center
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now