Principal Detection & Response Engineer
BitMEX
Posted: April 21, 2023
Remote
About the position
The Principal Detection & Response Engineer at BitMEX is responsible for protecting the company from external and internal threats by designing, building, and implementing tools that aid in the detection, mitigation, or response to security threats. They will also define and refine security detection and response policies and processes, work with internal and external partners to obtain actionable intelligence, and identify security gaps and implement constant improvements to the security stack. The ideal candidate should have at least 10 years of experience in Information Security or related fields, experience in creating detection use cases in Security Information and Event Management (SIEM) tools, and experience in digital forensics analysis and incident response.
Responsibilities
- Proactively identify and respond to emerging security threats
- Support a global, multi-timezone, on-call rotation for incident triage & response
- Develop, maintain, and tune tools that aid in the detection, mitigation, or response to security threats
- Define and refine security detection and response policies and processes
- Work with internal and external partners to obtain actionable intelligence to protect the firm
- Identify security gaps and implement constant improvements to our security stack
- Communicate effectively with lines of business and clients to address complex information security issues
- Mentor and provide security guidance to various organizations throughout the company
Requirements
- 10+ years of experience in Information Security or related fields
- Experience in creating detection use cases in Security Information and Event Management (SIEM) tools
- Experience in supporting and configuring Endpoint Detection and Response (EDR) tools
- Experience in digital forensics analysis and incident response
- Experience in cloud environments and cloud security
- Knowledge of HIDS/NIDS tools such as osquery or Zeek (formerly Bro)
- Understanding of emerging adversary tactics, techniques and procedures
- Software development skills in languages such as Python, Golang, Ruby, C, C++, or similar
- Knowledge of malware analysis & reverse engineering
- Strong written and oral communication skills
- Candidates with less experience will be considered for the Senior Detection & Response Engineer position.