At Typeform (Permanent), in Barcelona, Spain
Expires at: 2020-09-24
Here’s what you’ll do:
Analyze the latest attacker techniques and find ways to detect them across the company's wide range of environments and endpoints.
Define, implement, and fine-tune our detection system and data sources to effectively handle malicious activity.
Work with the Engineering and Operations teams to create threat detection signals, provide new tooling, and improve their ability to respond quickly.
Analyze security data and report on threats and incidents across various platforms and environments.
Build automation to improve detection and response capabilities.
Continuously test the strength of our detectors and plug any gaps.
Pitch actions for OS hardening to the IT / Ops teams.
Train others and promote security awareness in the company.
Try to beat the high score on the arcade machine we built.
Here’s what we’re after:
You have a BS / MS / PhD in Computer Science, Information Systems, or equivalent experience.
You have an excellent understanding of and experience in a range of security areas like intrusion detection, incident response, malware analysis, and forensics.
You have experience detecting abuse and attacks in different environments.
You have experience with cloud environments (AWS preferred).
You’ve worked with multiple stakeholders such as engineering / operations teams, internal business units, and external incident response teams at every stage of an incident.
You have strong experience with Linux and / or Windows at an admin level.
You know about all these detection-related disciplines, with experience in one or more:
Large scale analysis of log data using tools such as Splunk, Sumo Logic, or ELK.
File integrity system, memory, or live response on Windows, macOS and / or Linux.
Analysis of network traffic from intrusion detection systems and flow monitoring systems.
Host-level detection with tools such as auditd, Sysmon and osquery.
Antivirus and EDR solutions.
Nice to have
And for some added bonus points:
You have a security certification such as GIAC. Skills in the right area are just as beneficial.
You have software engineering experience with Python, Ruby, Go or other OOP languages.
You have experience with MITRE ATT&CK matrix testing, and building relevant mitigations to threats.
You’ve contributed to open source security projects and security conferences / meetups.
You have experience working in a startup, including relevant ping pong skills.