Responsibilities
- Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents
- Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls
- Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
- Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
- Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate
- Support security incident response in a cross-functional environment and drive incident resolution
- Design and implement attack testing automation to validate detection coverage
- Build logging pipelines using our custom datasets and infrastructure
Minimum Qualifications
- 2+ years of experience in Detection and Response Engineering or similar Security Engineering role
- Bachelor's degree or equivalent experience in Cyber Security
- Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms
- Experience designing systems used for responding to both external and insider threats
- Experience analyzing network and host-based security events
- Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols
- Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
- Coding/scripting experience in one or more general purpose languages
- Experience with attacker tactics, techniques, and procedures
Preferred Qualifications
- Experience in Detection & Response Engineering or similar Security Engineering role
- Experience building complex automations and integrations using Security Orchestration, Automation and Response (SOAR) platforms
- Background in security-focused software engineering, designing large scale systems and data pipelines, or offensive security
- Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems
- Broad knowledge across the Security domain, as well as thorough focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling development
- Experience designing systems used for responding to both external and insider threats
- Experience analyzing network and host-based security events
- Knowledge of networking technologies, specifically TCP/IP and the related protocols
- Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
$122,000/year to $181,000/year + bonus + equity + benefits
Learn more about this Employer on their Career Site
