Security Researcher – Detection & Telemetry

About Us

Beacon is rebuilding the data and context layer for modern security operations.

Today’s security teams are drowning in noisy, inconsistent telemetry collected through brittle pipelines and legacy tooling that were never designed for the speed, scale, or complexity of today’s environments. We’re a team of engineers, researchers, and builders creating a security-first data platform that shapes, enriches, and routes the right data to the right systems – from SIEMs to data lakes to AI-powered investigation tools.

Backed by deep incident response and offensive security expertise, we’re helping organizations regain control of their telemetry, reduce operational drag, and unlock the visibility they need to defend at modern scale. We’re still early, growing fast, and looking for people who want to work on hard technical problems that materially change how defenders operate.

Role Overview

We’re looking for a security researcher with detection engineering, IR, or offensive security experience to help define how Beacon models, enriches, and validates telemetry.

What You’ll Do

• Analyze attacker behaviors and map them to high-value log sources and fields.
• Define detection primitives, enrichment logic, and coverage models.
• Identify telemetry gaps across customer environments.
• Partner with engineering on schemas and processing rules.
• Support customer conversations with domain expertise.
• Produce reusable content: coverage maps, enrichment specs, detection logic patterns.

What We’re Looking For

• 8+ years experience in detection engineering, IR, threat research, or red/blue team.
• Strong understanding of cloud, identity, SaaS, endpoint, and network telemetry.
• Ability to translate attacker TTPs into data requirements.
• Strong communication skills.

Nice-to-Haves

• Experience building detection logic with Sigma, Elastic, or similar tools.
• ATT&CK mapping / coverage modeling experience.
• Exposure to data pipelines.

What Success Looks Like

• Beacon’s coverage and enrichment logic becomes sharper and more defensible.
• Customers gain clearer insight into their telemetry posture.
• Engineering ships features grounded in real attacker behavior.

Why Beacon

At Beacon, you’ll work on problems that matter: building the data foundations that modern security operations – and the next generation of AI-driven defense – will rely on.

We’re a low-ego, high-ownership team that values clear thinking, strong engineering fundamentals, and the ability to turn complex ideas into real systems used by real security teams. You’ll collaborate directly with experienced IR and offensive researchers, shape products with immediate customer impact, and operate in an environment where good ideas move quickly from design to production.

If you want to work on deep technical challenges, contribute to an architecture-first approach to security data, and help define a new category from the ground up, you’ll feel at home here.