Content Development Engineer
Remote
Full Time
#Engineering
#Security
#Log Management
#Threat Detection
#SIEM
#Programming
#Networking
At Graylog, we are dedicated to transforming how organizations handle security through our advanced Threat Detection, Investigation, and Response solutions. With over 50,000 installations of our open-source product worldwide and a robust enterprise platform that processes terabytes of data in real time, we help teams stay ahead of complex security challenges. Our work has been recognized by industry leaders, including recent accolades from the Globee Awards and GigaOM, and we are proud of the impact our technology has on security, compliance, and DevOps teams everywhere. We are a collaborative, remote-friendly community that values innovation and integrity, and we are looking for passionate people to help us continue building tools that make the digital world safer.
The opportunity
We are looking for a Senior Content Development Engineer to join our security content team. In this role, you will be a key player in shaping our Illuminate library, which provides our customers with the data processing modules, dashboards, and curated alerts they need to detect and remediate threats effectively. You will work closely with our product team and external partners to identify emerging threats and translate them into actionable response plans. This is a full-time, remote position that offers you the chance to influence our security roadmap and directly improve the security posture of organizations around the globe.
A day in the life
- Independently research, build, and deliver high-quality security content, including detection logic and remediation steps, to enhance our Illuminate library.
- Collaborate with your teammates by testing, reviewing, and providing constructive feedback on their security content to ensure excellence.
- Stay at the forefront of the industry by monitoring security trends, new vulnerabilities, and evolving attack vectors to keep our detection capabilities sharp.
Who you are
You are a motivated security professional with a strong background in threat detection and response. You thrive in environments where you can solve complex problems and are committed to clear, concise documentation. Your ideal profile includes:
- Extensive experience in information security, specifically in writing and tuning security alerts, ideally within a SOC or similar environment.
- Hands-on technical proficiency with SIEM or log aggregation tools like Graylog, Splunk, or QRadar.
- Familiarity with Sigma Rules, regex, grok, and GitHub, along with a solid understanding of Linux and Windows system administration.
- A strong grasp of programming logic and networking concepts.
- Excellent communication skills in English, with a keen eye for detail.
Why you'll love it here
We believe in investing in our people, which is why we offer a supportive environment where you can grow both personally and professionally. When you join our team, you will enjoy:
- The flexibility of remote work, supported by a monthly allowance to help you outfit your home office.
- A stake in our collective success through equity compensation.
- The opportunity to work with a diverse, global team and the choice of the latest equipment to help you do your best work.