CSOC Engineer - Security Automation

<div class="content-intro"><p>Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible — at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including GitHub, Yelp, Paramount, and JetBlue.</p> <p>We're building a more trustworthy Internet. Come join us.</p></div><p> </p> <h2><strong><strong>CSOC Engineer- Security Automation</strong></strong></h2> <p>Fastly is seeking a Security Automation Engineer for our Customer Security Operations Center (CSOC) team, where you'll help design, operate, and evolve the internal security platform and tools that enable our Security Analysts to keep our customers safe.</p> <p>Day to day, you'll work across the entire stack of our bespoke SIEM and SOAR platform - designing systems, writing production-grade code, and shipping features that have a direct impact on how we protect our customers. You'll work closely with our Security Analysts to deeply understand their challenges, then develop automated security workflows that solve those problems, ensuring the right information is presented at the right time. You'll spot inefficiencies in how we detect and respond to security incidents, and build the tools to eliminate them.</p> <h3><strong><strong>What You'll Do</strong></strong></h3> <ul> <li> <h4>Design, develop, and refactor our custom internal security platform across both the backend(FastAPI) and frontend(React)</h4> </li> <li> <h4>Partner with security analysts to turn manual workflows into automated, reliable processes</h4> </li> <li> <h4>Work with our infrastructure in GCP, using Kubernetes for orchestration and Terraform for resource management</h4> </li> <li> <h4>Leverage our monitoring and alerting tools (Prometheus/Grafana) to detect failures early and maintain high availability across the internal security platform the team owns</h4> </li> <li> <h4>Build and maintain API integrations that connect our detection tools, ticketing systems, and customer environments</h4> </li> <li> <h4>Champion code quality through code reviews, testing practices and CI/CD pipelines.</h4> </li> </ul> <h3><strong><strong>What We're Looking For</strong></strong></h3> <ul> <li> <p><strong>At least 3 years building and shipping software in a production environment</strong></p> </li> <li> <p><strong>Solid proficiency in Python, JavaScript and/or Golang.</strong></p> </li> <li> <p><strong>Hands-on experience with Docker, Kubernetes, and cloud providers (we use GCP)</strong></p> </li> <li> <p><strong>You know when to build a complex system and when a simple solution is the right call. You care about testing, code quality and monitoring your applications.</strong></p> </li> <li> <p><strong>You can explain technical trade-offs clearly and collaborate effectively with a distributed team across time zones.</strong></p> </li> <li> <p><strong>Experience guiding and coaching team members, helping others grow alongside you</strong></p> </li> <li> <p><strong>You pick up new skills quickly and share what you've learned with the broader team</strong></p> </li> </ul> <p> </p> <h3><strong><strong>We'll Be Super Impressed If You Have Experience In Any Of These</strong></strong></h3> <ul> <li> <p><strong>Building or maintaining a custom SIEM or SOAR platform</strong></p> </li> <li> <p><strong>Working with Event-driven architectures or message queues (e.g. Kafka, Pub/Sub)</strong></p> </li> <li> <p><strong>Previous experience at a CDN, cloud provider, or high-traffic platforms</strong></p> </li> <li> <p><strong>Working with geographically dispersed teams</strong></p> </li> </ul> <p><strong><strong>Work Hours</strong></strong>< ... (truncated, view full listing at source)