Senior Security Engineer, Incident Response

At DFINITY we’re building a world-class Security team that redefines Information Security as we know it. This requires a bias towards building solutions that are secure by default, use defense in depth and enhance user experience. This role within the Infrastructure Security team is for a Senior Incident Response Engineer looking to achieve such a vision.

Responsibilities

  • Develop a scalable Security Information and Event Management (SIEM) solution for on-prem infrastructure.
  • Design and implement log ingestion and analytics for a Global Security Operations Center (GSOC).
  • Build and maintain automation for Incident Response processes.
  • Develop Incident Response runbooks and assist in root cause analysis and incident reviews as needed.
  • Monitor and analyze emerging threats, vulnerabilities and exploits.

Requirements

  • 5-10 years of hands-on experience on Incident Response and Detection, Threat Hunting and Forensics teams
  • BS or MS in Computer Science or a related field is preferred
  • Hands-on experience with the IR toolchain (e.g. Osquery, Crowdstrike, ELK, SIEM platforms, Solarwinds, Chef, Ansible, Terraform)
  • Ability to develop tools in programming languages such as Ruby, Python or Perl
  • Familiarity with blockchain and cryptocurrency technologies is a bonus
  • Experience working in a Security Operations Center (SOC) or similar
  • Experience working within high-pressure environments or with high-value customers
  • Technical proficiency in Information Security controls, specifically system-level controls
  • Technical proficiency and/or broad expertise with IT/network controls
  • Experience with Endpoint Detection & Response (EDR) tools
  • Digital Forensics and Incident Response (DFIR) experience