91黑料爆料

Security Engineer 2

Category: Security, Risk & Fraud
Location: Charlotte, North Carolina; San Diego, California
Job ID: 2025-72259

Company Overview

91黑料爆料 is the global financial technology platform that powers prosperity for the people and communities we serve. With approximately 100 million customers worldwide using products such as TurboTax, Credit Karma, QuickBooks, and Mailchimp, we believe that everyone should have the opportunity to prosper. We never stop working to find new, innovative ways to make that possible.

Job Overview

We are looking for a Security Engineer to join our Security Event Analysis Team (SEAT) within the Security Incident Response Team (SIRT) to help detect, analyze, and respond to security incidents. The ideal candidate understands the Dynamic Approach to Incident Response framework, the incident management process, the cyber kill chain, attacker methodologies, and the MITRE ATT&CK/D3FEND frameworks. You should be able to respond quickly to incidents, restore services, and collect and analyze forensic artifacts to identify root causes. In this role, you will collaborate with engineers to enhance incident response capabilities, implement security solutions, and provide guidance and training to other teams.

Responsibilities

● Respond to escalated security events or investigations; coordinate communications across involved teams and execute the Incident Response Plan as appropriate.
● Provide on-call support for critical incidents; deliver timely status updates and incident reports to stakeholders.
● Perform host/network/cloud forensics (disk, memory, logs) and analysis; establish scope, impact, timelines, IOCs, root cause while preserving evidence, and communicate findings throughout the incident(s).
● Analyze SIEM, EDR, and platform logs; correlate signals to validate and triage threats.
● Partner with Detection Engineering to create/tune detections and automate response actions from incident lessons learned.
● Collaborate with Compliance, Legal, and Risk teams to integrate incident response workflows with business and regulatory needs.
● Assess vulnerabilities, propose remediation strategies, and keep up-to-date on current and emerging security trends, threats, and countermeasures.
● Develop, maintain, and continuously improve incident response runbooks and playbooks to drive prompt, compliant actions.
● Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements.
● Contribute to post-incident reviews and metrics to drive program improvements.

Qualifications

● A Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field is preferred.
● Possession of industry-recognized professional level certifications such as AWS Security Specialty, CompTIA Security+, CompTIA CySA+, Cisco CCNA, or GIAC certification is advantageous.
● 1-3 years of experience in a dedicated Information Technology role.
● 1-3 years of experience in a security analyst or similar role.
● 1-3 years of experience using scripting languages such as Bash, PowerShell, and Python.
● Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as Splunk, CrowdStrike Falcon, SentinelOne, and Wiz.
● Proven experience using and defending public cloud services such as AWS, Azure, and GCP (IAM, CI/CD Pipelines, Network Security, DLP).
● Deep understanding of Security Information and Event Management (SIEM) solutions such as Splunk, CrowdStrike Next-Gen SIEM, and Microsoft Defender.
● Well-rounded knowledge of digital forensics technologies and methodologies, as well as expertise in the Security Incident Response Lifecycle according to frameworks like NIST or SANS.
● Comprehensive understanding of computer security fundamentals, including Operating System hardening, basic network protocols, and general knowledge of frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS.
● Strong analytical and problem-solving abilities, with a focus on identifying root causes and assessing risk exposure for a large corporation.
● Exceptional communication skills, both verbal and written, capable of explaining technical details to non-technical audiences and fostering strong stakeholder relationships.
● Self-motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary.
● Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline.
● Adaptable and proactive attitude, willing to take on various responsibilities and eager to continuously learn and upgrade skills.
● Proficient understanding of Large Language Models, General Artificial Intelligence tools and their application in enhancing security operations, threat detection, and incident response.

91黑料爆料 provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is Southern California $130,000 - 176,000. This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at . Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, 91黑料爆料 conducts regular comparisons across categories of ethnicity and gender.