Samsara - Dallas, TX
posted about 1 month ago
About the position
As a member of our Security Operations Team, you will collaborate with a global team of engineers to monitor and respond to security events, lead security incidents as Incident Commander, and lead digital forensic investigations in support of Employee Relations, Legal, Compliance, or Information Security cases. Although you will be focused on security incident response, you will also have the opportunity to create and maintain runbooks, and automated workflows, and assist in process refinement and implementation. You will collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner.
Responsibilities
- Monitor security events and provide technical analysis on alerts
- Lead information security incidents and employee investigations by developing the incident response strategy, lead the execution through incident closure, while providing incident updates to key stakeholders throughout the incident
- Deliver security guidance clearly and concisely for incident response and insider threat initiatives
- Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations, incident response, and insider threat
- Champion, role model, and embed Samsara's cultural principles as we scale globally and across new offices
Requirements
- 4+ years of experience in Security Incident Response
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
- Ability to build scripts or tools to support Samsara's investigation processes, with proficiency in Python
- Mentor and train security operation engineers on data collection, analysis, and reporting technical analysis
- Practical experience acting as a lead during security incident response, including triage, and coordinating across teams
- Understanding of analysis and forensics techniques on macOS, Windows, and Linux
- Experience utilizing SIEM tools to perform log reviews
- Experience in cloud architecture and security (AWS, GCP) and cloud-based services
- Must reside in the Pacific Time Zone, Mountain Time Zone or Central Time Zone of the United States
Nice-to-haves
- 4+ years of experience working on insider threat initiatives or employee investigations
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field
- GIAC Certified Incident Handler (GCIH) Certification
- Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO 27001, FedRAMP
