About This Role: Staff Security Engineer
As a Staff Security Engineer at Crusoe, you won't just observe; you will be the primary architect of our defense, directly safeguarding our customers and our mission to align the future of computing with the future of the climate. In this high-impact, full-time role, you will significantly influence our overarching detection strategy by designing, tuning, and validating complex correlation models, ensuring we stay ahead of an ever-evolving threat landscape. You will expertly bridge the gap between high-level strategy and hands-on execution, building the very technologies that identify and neutralize risks before they can manifest.
The ideal candidate is a seasoned security expert who masterfully balances deep technical expertise in Detection as Code with the leadership presence required to mentor peers and forge strong partnerships with cross-functional teams. You will spearhead massive, critical projects—from building open-source security observability at scale to integrating advanced AI into our response workflows—ensuring that Crusoe’s security posture is as innovative and resilient as our groundbreaking energy solutions. If you are an automation-first engineer who thrives on solving complex forensic puzzles and building robust, resilient systems, you will play a foundational role in our continued growth and success.
What You’ll Be Building & Securing: Detection Strategy & Design: Architect and implement advanced detection mechanisms to proactively hunt for threats across both on-premise and cloud environments (GCP). What You’ll Bring to Crusoe: Extensive Cyber Experience: At least 6+ years of professional experience in cybersecurity, with a specific focus on detection engineering, incident response, and security automation. Bonus Points That Impress Us: AI Integration: Experience or keen interest in integrating AI and machine learning into automated response workflows to stay ahead of modern, evolving attackers. Benefits: Compensation: Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.
Incident Leadership & Forensics: Lead high-stakes response efforts and forensic investigations, managing everything from initial triage and mitigation to critical post-incident stakeholder communication.
Detection as Code & Tuning: Manage and refine alerting rules to maximize signal-to-noise ratios, utilizing modern workflows to ensure detections are version-controlled, rigorously tested, and inherently scalable.
SOAR & Automation: Build and maintain a robust library of automated playbooks and scripts to drastically reduce manual intervention and accelerate our Mean Time to Respond (MTTR).
Security Operations Strategy: Partner strategically with Engineering, Product, and Legal teams to align security operations with critical organizational goals, ensuring our defense scales seamlessly with our rapidly expanding infrastructure.
Operational Excellence: Develop key performance metrics and sophisticated measurement capabilities to track detection coverage, system performance, and overall residual risk with precision.
Documentation & Compliance: Author comprehensive runbooks and Standard Operating Procedures (SOPs) that robustly support our SOC 2 and HIPAA compliance frameworks.
Cross-Functional Mentorship: Act as a vital technical beacon for the team, providing expert guidance, specialized training, and strategic thinking to elevate the collective security expertise across the organization.
Detection as Code Mastery: Proven, hands-on experience implementing and managing Detection as Code workflows to maintain a modern, scalable, and resilient security posture.
Cloud & Infrastructure Proficiency: Deep technical knowledge of at least one major cloud provider (GCP preferred) and extensive experience securing diverse on-premise computing environments.
Advanced Scripting Skills: Expert-level proficiency in Python for security scripting, automation, and building custom tooling from the ground up.
Forensic Expertise: Strong background in complex incident handling and deep forensic investigations across Unix/Linux, Windows, and Mac endpoints.
Infrastructure Tooling: Hands-on experience with modern infrastructure-as-code and container tools, including Terraform, Docker, Kubernetes, and Ansible.
Security Observability: Demonstrated ability to build, scale, and manage open-source security observability solutions and network security at enterprise scale.
Clearance: Ability to successfully complete and pass a comprehensive background check.
Threat Intel Expertise: Background in integrating complex threat intelligence feeds directly into automated SOAR playbooks for proactive defense.
Advanced Certifications: Professional certifications such as GCIA, GCIH, or cloud-specific security certifications.
Specialized Experience: Previous experience working within high-growth tech environments or companies focused on energy and sustainable infrastructure.
Technical Writing: A portfolio of technical blog posts, white papers, or advanced documentation that clearly demonstrates an ability to simplify complex security concepts for various audiences.
Crusoe offers a competitive benefits package designed to support your financial security, health, and overall well-being. This includes pension contributions, private health and dental insurance, income protection, life assurance, and more.
Compensation will be paid as salary or hourly. The specific compensation package will be determined by the applicant’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.