Mid/Sr Security Engineer (Detection and Response)

April 18

Incode Technologies

WebsiteLinkedInAll Job Openings

Powering a world of trust

Mobile Security • KYC • AML • B2B • Identity Management

51 - 200

💰 $220M Series B on 2021-12

Description

• Be the first line of defense to protect, detect, respond to, and recover from cyber-attacks in both our corporate and product environments • Develop and run tools to gather security telemetry data from cloud production systems • Automate workflows and improve identification and response time for security events • Build and optimize high signal detections with enriched data and orchestration • Define and improve processes, procedures, and technologies used for detection and response • Develop runbooks and incident playbooks for new and existing detections and influence our security operations roadmap • Lead threat hunting practices, suggest product and infrastructure signals to surface attacks and incorporate findings into security controls • Research attacker tactics, techniques, and procedures (TTPs) and craft detections to quickly identify and contain potential security threats • Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently with partners • Participate in an on-call rotation • Onboard new systems and services to SIEM and SOAR and build new detection pipelines • Facilitate incident response processes and tabletop exercises

Requirements

• Experience as a security engineer, including security monitoring, detection engineering, incident response, and threat hunting in a SaaS company • Practical understanding of common attacks, adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles • Operating systems internals and forensics experience for macOS, Windows & Linux • Domain experience managing and working with current SIEM and SOAR platforms, DLP, email security platforms, endpoint protection platforms, secure service edge, etc. • Experience developing tools and automation using common DevOps toolsets and programming languages • Understanding of malware functionality and persistence mechanisms • Ability to analyze endpoint, network, and application logs for anomalous events • Proficiency in programming in Golang or Python • Excellent collaborative skills • Outstanding written and verbal communication

Benefits

• Meaningful Equity • Flexible Working Hours & Workplace • Open Vacation Policy • Wellness Program • International Travel Opportunities • Additional benefit package according to location (401k, medical insurance, etc.)