Sr. Engineer, Security Incident Response

Sr. Incident Response Engineer

Hello there!

We're looking for an experienced Security Incident Response Engineer to join our Security Detection and Response Zone at Zapier. Zapier is on a mission to democratize automation. Over 5 million professionals already use Zapier to save more time, but there are millions more to reach. We owe it to our customers to be a responsible steward of their data and keep it safe and private.

About You

You’re a skilled Security Incident Response Engineer. You have 4+ years of experience working in security monitoring and incident response or security operations. You are the go-to person for commanding security incidents and have directly lead large-scale cross-team security incidents from kickoff to resolution and retrospective. You keep detailed records and understand the importance of forensics and communications during a crisis.

You love the challenge of Detection Engineering. Breaking down the tactics, techniques, and procedures of advanced attackers and developing alerts targeting them is your definition of fun. You are hands-on and have in-depth knowledge of security monitoring tools (IDS, SIEM, EDR, etc.), and a demonstrable knowledge of Python for log analysis. You constantly seek to improve both the quality and type of detections that exist.

You thrive for ownership over processes or tools. You are well organized, love to create clean, comprehensive and easy to follow guidelines for others to follow when you're not around. You tend to document everything that you do and are eager to collaborate on and improve tools and processes.

You’re familiar with Cloud Security. You understand AWS security best practices, and have experience investigating AWS events and findings.

You’re an excellent written communicator. You tend to document everything you do. We’re a 100% remote team, and writing is our primary means of communication at Zapier. You also have the ability to leverage multiple forms of communication to articulate complex concepts to both technical and non-technical staff, including senior management.

You’re creative and resourceful. You’re no stranger to using inventive thinking to solve an investigation. You make the most of what you have at the time, and are not afraid to make quick decisions during stressful situations.

You believe relationships are critical to success. Whether during an incident or as general practice, you strive to bring people together to create the best result you can. You have a history of collaboration across company teams, and can quickly build trust with cross-functional groups and external agencies. And you simply have great interpersonal skills and love for a team environment.

You’re solid at time management and automation. Automation is your to-go when solving problems. You’ll juggle a variety of fast-moving security projects, including building our detection capabilities and leading security incidents across the organization. As a part of a distributed team, you’ll be trusted to work with minimal supervision. As a part of a growing company, you have an opportunity to make a big impact, and you’re keen to build processes that’ll make your job more efficient over time.

Things You’ll Do

• Participate in and lead the security incident response process
• Be a key player in engineering security tools and logic in order to improve detection
• Respond to security alerts (e.g. EDR findings, security feeds, and incident alerts) and seek ways to improve the logic and triage automation
• Analyze security events relating to cloud (AWS) infrastructure or SaaS tooling
• Work across teams to implement improvements to security monitoring and telemetry
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Automate solutions to repetitive problems/tasks using languages and frameworks such as Python, Terraform, shell scripting, and more
• Participate in Red Team and Purple Team exercises
• Research and blog internally and externally about the latest information security trends or cool projects
• Help identify and implement security enhancements throughout the organization
• As a part of our All Hands Support initiative, help our customers have the best possible experience with Zapier

  The Whole Package Time Zone: EST/CST/PST   Our flexible, distributed environment lets us work with the best people from around the world. Zapiens live in 40+ countries, including the United Kingdom, Thailand, India, Nigeria, Taiwan, Guatemala, New Zealand, Australia, and more!   Zapier offers:

• Competitive salary and profit-sharing program
• Equity for All: Stock options (or equivalent) for every Zapien
• Healthcare + dental + vision coverage*
• Retirement plan with 4% company match*
• $2,000 annual learning stipend for use on courses, conferences, and more—your choice
• Two annual all-company retreats
• 14 weeks paid leave for new parents of biological or adopted children
• Customized Zapiversary rewards on your 1, 3, 5, 7 and 10 year work anniversaries
• Leading-edge equipment. We set you up with an Apple laptop and provide an additional budget for you to choose other home office accessories and software you may need.
• Time to renew. We encourage Zapiens to take at least 2 weeks off each year. Most of us take 4-5 weeks, in addition to locally recognized holidays.
• Opportunity to work with Zapier’s amazing partners network

 

*While we take care of Zapiens around the world the best we can, healthcare and retirement plans are currently available specifically in the UK, Canada, New Zealand, Australia, and United States.

How to Apply

We have a non-standard application process designed to promote inclusion and equity. We first ask a few questions in our application form that would typically be asked at the start of an initial interview. This helps speed up the process and lets us get to know you a bit better right out of the gate. Please be sure to answer each question; the resume and CV fields are optional.

After you apply, you are going to hear back from us—even if we don’t see an immediate fit with our team. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.

Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people, and do not discriminate based on race, color, sex, gender identity or expression, sexual orientation, religion, national origin, physical or mental disability, military or veteran status, genetic information, pregnancy, age, or any other status protected by local law. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.

Zapier is is committed to inclusion. As part of this commitment, Zapier will ensure that people with disabilities are provided reasonable accommodations. If reasonable accommodations are needed to participate in the job application or interview process, please contact [email protected].