Government Careers
  • Tetragon Threat Detection Engineer

  • Cisco
  • New York, New York 10115 United States View Map

Cilium Tetragon Threat Detection Engineer

Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in-kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.

Tetragon Threat Detection Engineers primarily focus on creating and maintaining Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research. Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.

What You'll Do:

  • Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
  • Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
  • Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
  • Work with software engineers at Isovalent and Cisco to improve and enhance the capabilities of Tetragon security policies
  • Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
  • Publish content and give talks based on your work

Minimum Qualifications:

  • 3+ years of experience in threat and/or vulnerability research
  • 3+ years of experience in developing security detections at scale, for use in a wide range of environments
  • Experience working on Linux system security (e.g., capabilities, LSMs, etc.)
  • Good communication skills, both written and verbal

Preferred Qualifications:

  • Experience with eBPF (extended Berkeley Packet Filter) and its applications in security.
  • Experience with the cloud-native ecosystem (containers, Kubernetes, etc.) and their Linux implementation (e.g., Linux cgroups, namespaces)

Cilium Tetragon Threat Detection Engineer

Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in-kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.

Tetragon Threat Detection Engineers primarily focus on creating and maintaining Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research. Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.

What You'll Do:

  • Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
  • Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
  • Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
  • Work with software engineers at Isovalent and Cisco to improve and enhance the capabilities of Tetragon security policies
  • Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
  • Publish content and give talks based on your work

Minimum Qualifications:

  • 3+ years of experience in threat and/or vulnerability research
  • 3+ years of experience in developing security detections at scale, for use in a wide range of environments
  • Experience working on Linux system security (e.g., capabilities, LSMs, etc.)
  • Good communication skills, both written and verbal

Preferred Qualifications:

  • Experience with eBPF (extended Berkeley Packet Filter) and its applications in security.
  • Experience with the cloud-native ecosystem (containers, Kubernetes, etc.) and their Linux implementation (e.g., Linux cgroups, namespaces)
Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more

MORE JOBS