Threat and Incident Response - Senior Security Engineer
LULA · Posted: February 18, 2023 · Remote
About the position
LULA is looking for a Security Engineer with experience in detection and incident response engineering. The role involves operating and building the tools and detections used to catch and contain incidents, protecting the trust of LULA's customers. The team is multi-disciplinary, with a focus on Linux, macOS, and detection and response capabilities. The position offers greenfield opportunities to apply prior experience and vision in implementing and enabling LULA's detection and response program.
Responsibilities
- Develop, apply, and refine detection and incident response playbooks
- Perform on-call duties triaging detection and incident response events
- Analyze data from disparate sources, correlating noise into security events
- Improve detection workflows with automation and alert enrichments
- Write detection rules to identify threats specific to our environment
- Share knowledge and experience with peer teams and engineers
Requirements
- Experience in performing detection and incident response engineering
- Knowledge and skills in Linux, macOS, and detection and response capabilities
- Ability to develop, apply, and refine detection and incident response playbooks
- Proficiency in triaging detection and incident response events
- Strong analytical skills to analyze data from different sources and correlate noise into security events
- Familiarity with automation and alert enrichments to improve detection workflows
- Ability to write detection rules specific to the environment
- Willingness to share knowledge and experience with peer teams and engineers
Additional requirements
- 8+ years' experience as a security engineer in related domains
- Experience on operational teams or as a first responder to security incidents
- Knowledge of operating systems, file systems, and memory on OS X, Linux, Windows, or iOS/Android
- Coding or scripting proficiency in one or more languages
- Experience improving operational teams' capabilities and KPIs
- Practical experience with attacker tactics, techniques, and procedures