To complement our rapid growth, we’re looking for a Hunt and Incident Response Engineer to help us maintain, develop, integrate, and enhance our security solutions and infrastructure now and for the future. This role will also involve playing a key part in evaluating vendors and testing different solutions to see if they meet our needs. This position will be crucial in integrating new and existing security solutions with our systems and software. When not working on engineering tasks, you'll be actively involved in proactive threat hunting and incident response. This position is open to qualified applicants within the United States, with occasional travel to our San Ramon, CA headquarters. Candidates residing within 50 miles of our San Ramon, CA or San Francisco, CA offices are required to be in the office three days a week (Mondays, Wednesdays, Thursdays).
- Development of security products: Address and fulfill the current security operation needs by developing and/or integrating essential security products.
- Solution Integration: Lead the integration of new security solutions into our existing infrastructure.
- Maintenance: Help maintain our current security solutions to ensure that current security operations are as effective as possible.
- Improvement: Identify areas for improvement within our systems and solutions and implement effective changes.
- Vendor Evaluation: Assess solutions for their compatibility, effectiveness and value to the organization and provide decision support.
- Testing and Analysis: Perform thorough testing and analysis of security solutions to evaluate and convey their strengths, weaknesses, and suitability for our current environment.
- Intel Gathering: Continuously research the latest security technologies and trends to keep our security posture resilient and contemporary.
- Collaboration: Collaborate with other teams and meet their needs.
- Incident Response: Assist the SOC team with advanced incident response skills when required, including compromise assessment and root cause analysis.
- 3-5 years of experience in Enterprise Cybersecurity or relevant Information Security engineering roles.
- Proficient in scripting/coding with Bash, PowerShell, Python or similar, and Terraform.
- Solid understanding of cloud computing platforms like GCP, AWS, and Azure.
- Familiar with Git or other version control systems.
- Excellent communication and interpersonal skills to collaborate effectively with diverse teams.
- Knowledgeable in identity solutions, access patterns, modern security protocols, and principles like Zero Trust, least privilege, and defense in depth.
- Recognize the importance of prioritizing security work due to limited resources across teams.
- Possess good judgment to know when to compromise and when to stand firm.
- Experience with SIEMs from an engineering perspective is a plus.