Threat Detection Engineer (Categorie protette ex art. 1 L. 68/99)
Sysdig
Milan, Italy
Posted on Apr 28, 2025
At Sysdig, we believe cloud security isn't a compromise - it's a promise. From the start, our mission has been clear: to help organizations secure innovation in the cloud, the right way.
We created Falco, the open standard for cloud threat detection, and continue to lead the cloud security market with runtime insights, open innovation, and agentic Al. Creators of technology trusted by over 60% of the Fortune 500, Sysdig gives teams the real-time clarity to move fast and defend what matters most.
Culture matters here. We believe diversity fuels stronger ideas, and open dialogue drives sharper decisions. Recognized as a Best Place to Work and one of Deloitte's fastest-growing companies for the past 5 years, we're here to raise the standard for what cloud security and workplace culture should be.
If you have the passion to dig deeper, the desire to challenge convention, and the curiosity to build something better, Sysdig is the right place for you.
This position is dedicated to individuals belonging to the Categorie protette ex art. 1 L. 68/99.
What you will do
- Reporting to the Manager of Threat Engineering, you will research and maintain threat detections to identify threats that may affect our customers.
- Participate in Sysdig Threat Research Team activities by conducting impactful research on new detection use cases and developing detection methods
- Help automation efforts as they relate to security content by using scripting languages such as Python
- Develop reports and dashboards to measure the progress of detection efforts
What you will bring with you
- 2+ years of hands-on experience with one of the following:
- Security operations, EDR, security engineering, or incident response
- Hands-on experience in Linux, including expertise with system calls and in-depth knowledge of Linux internals
- Experience creating threat detections for cloud environments, such as AWS, Azure, or GCP
- Knowledge of Kubernetes, container technologies, and container runtimes (e.g. Docker, containers, cri-o)
- Experience with SQL and programming languages such as Python or Go, plus using Git for version control and collaborative development.
- Experience with or knowledge of Falco, the OSS threat detection tool
- Familiarity with analysing logs or other security artifacts for malicious behaviour to create detection rules.
- Comfortable working directly with customers to help improve their experience.
What we look for
- People being trusted advisors with a customer success mindset
- Experience from a startup environment
- Growth and learning mindset
When you join Sysdig, you can expect:
- Extra days off to prioritize your well-being
- Mental health support for you and your family through the Modern Health app
- Great compensation package
We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different.
Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated.
Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.
#LI-SM3
#LI-Onsite