About the role:
As a member of our Security Operations Team, you will collaborate with a global team of engineers to monitor and respond to security events, lead security incidents as Incident Commander, and lead digital forensic investigations in support of Employee Relations, Legal, Compliance or Information Security cases.
You will collaborate with leadership and a diverse team of engineers on security initiatives across the company including shaping the future of our digital forensic capabilities at Samsara.
Although you will be highly focused on digital forensics work, you will also have the opportunity to create automated workflows, and assist in process refinement and implementation. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner.
This role requires availability during PST business hours, including being on call.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, with countless opportunities to experiment and master your craft in a hyper-growth environment.
- You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best.
In this role, you will:
- Monitor security events and provide technical analysis on alerts
- Lead information security incidents by developing the incident response strategy and leading its execution through incident closure, while providing incident updates to key stakeholders throughout the incident
- Mentor and grow staff on engineering projects and digital forensic investigations
- Assist with developing Samsara’s digital forensic capabilities
- Deliver security guidance clearly and concisely for cloud and enterprise infrastructure initiatives
- Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations and incident response
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
Minimum requirements for the role:
- 4+ years of experience in host-level digital forensics, endpoint detection & response, and forensic analysis tools (e.g. EnCase, FTK, Volatility)
- One or more of the following certifications:
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Certified Forensic Examiner (GCFE)
  - GIAC Certified Forensic Analyst (GCFA)
  - EnCase Certified Examiner (EnCE)
  - Certified Forensic Computer Examiner (CFCE)
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
- Ability to build scripts or tools to support Samsara’s incident investigation processes, with a proficiency in Python
- Mentor and train security operations engineers on data collection, analysis, and reporting of technical analysis
- Experience designing and implementing engineering solutions and tools for digital forensic capabilities
- Practical experience acting as a lead during security incident response, including triage, and coordinating across teams
An ideal candidate also has:
- Experience in security competitions, CTFs, and/or testing platforms
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
- Splunk certifications