Tetragon Threat Detection Engineer - Isovalent

ph3About this role /h3pCilium Tetragon is a flexible, Kubernetes‑aware security tool, with real‑time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low‑overhead, in‑kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events. /ph3What you’ll do /h3ulliDevelop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats. /liliHelp design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture. /liliMonitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies. /liliWork with software engineers at Isovalent and Cisco to improve and enhance the capabilities of Tetragon security policies. /liliInteract with solution architects and customers as necessary to support and deploy Tetragon security policies in production. /liliPublish content and give talks based on your work. /li /ulh3Minimum Qualifications /h3ulli3+ years of experience in threat and/or vulnerability research. /lili3+ years of experience in developing security detections at scale, for use in a wide range of environments. /lili3+ years of experience working on Linux system security (e.g., capabilities, LSMs, etc.). /liliGood communication skills, both written and verbal. /li /ulh3Preferred Qualifications /h3ulliExperience with eBPF (extended Berkeley Packet Filter) and its applications in security. /liliExperience with the cloud‑native ecosystem (containers, Kubernetes, etc.) and their Linux implementation (e.g., Linux cgroups, namespaces). /li /ul /p #J-18808-Ljbffr