What we’re looking for…

ScienceLogic is looking for a Senior Security Engineer who will design and implement systems and procedures to sustain the security, integrity, and availability of the organization's data. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them. Track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security. May participate in ethical simulated attacks or security violations to assess the organization's data security measures.

What you’ll be doing…

• Conduct platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor Security Operations pager and respond to issues of potential viral activity, spam, phishing.
• Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
• Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
• Collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported.
• May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.
• Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports.
• Measure and improve patch management procedures with appropriate teams.
• Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. May provide guidance to infrastructure or application staff participating in exercise.
• Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.
• Other duties as required.

Qualities you possess…

• US Citizenship with the ability to obtain a public trust clearance required.
• Bachelor's Degree or equivalent required.
• Applicable certifications are desired.
• 5+ years of related experience in an IT Security related field.
• 5+ years of experience as system or network administrator or a support specialist in a SOC environment.
• Solid understanding of basic fundamentals in TCP/IP and the OSI model as well as common routing protocols.
• Experience with SOC 2 and/or ISO 27001 audits and certifications.
• Experience working with Firewalls and IDS technologies .
• Problem solving skills complimented with experience in solving information security device and application issues with customers is a must.
• SOC/NOC experience desired. Good verbal and written communication skills as well as attention to detail.
• Exceptional customer service skills and interpersonal skills. Ability to work in small teams.
• Must be able to resolve highly complex and technical business problems.
• Understanding of threat agents, attack vectors, and attack patterns as well as compensating controls and design patterns needed to mitigate risk.
• Possesses a broad domain level of expertise to resolve complex issues and performs detailed network analysis across a broad range of network and other technologies both on premise as well as cloud and hosted environments.
• Demonstrated skills on technical procedures development (equipment configuration) for testing and implementation of design changes.
• Create technical documentation and diagrams using Microsoft Visio, Excel, Word and PowerPoint.
• Knowledge of single sign-on integration with on premise and cloud toolset.
• Knowledgeable of Network Design and Project Management methodologies.
• Excellent presentation/verbal communication skills.

Recommended Certifications or Skills

• Security+
• Associate CISSP
• Associate SSCP
• Associate CCSP
• OS/Linux/Windows/macOS
• Directory Services
• Microsoft Security Center, Intune, Defender
• Network Protocols
• Scripting Languages (Python/Bash/PowerShell)

Benefits & Perks

• A remote-first culture - work from home or come into the office, it's totally up to you.
• Comprehensive medical, dental and vision plans.
• 401(k) plan with employer match.
• Flexible Paid Time Off (FTO) so that you can take the time that you need to re-energize.
• Volunteer Time Off (VTO) - take two days off per calendar year to volunteer with your preferred charitable organization.
• 5-year Service Milestone Sabbatical.
• Paid parental leave.
• Generous employee referral bonus program.
• Pet insurance.
• HQ Office centrally located in Reston Town Center featuring a well-stocked kitchen with rotating snacks and beverages, and catered lunch on Thursdays.
• Regular virtual company-wide events, including cooking classes, yoga, meditation and more.
• The opportunity to learn and develop from some of the best and brightest minds in the industry!

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which you are applying.

About ScienceLogic

We empower intelligent and automated IT operations.

The ScienceLogic SL1 platform enables companies to digitally transform themselves by removing the difficulty of managing complex, distributed IT services. We use patented discovery techniques to find everything in your IT environment, so you get visibility across all technologies and vendors running anywhere in your data centers or clouds

www.sciencelogic.com

Overview

We're looking for experienced Security Engineers to join our fast moving security team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to developing and enhancing internal tools, addressing vulnerabilities and managing secrets.

Our goal is to run the world's most trusted and secure delivery platform. We work across all layers of our infrastructure to ensure we deploy trustworthy systems and protect our customers’, shoppers’, and partners’ data.

About the Team

You will be a key member of the Security Engineering team that is responsible for developing security-focused features and frameworks for Instacart in both production and infrastructure space. Ideally a hybrid builder/breaker, you will have an opportunity to lead high impactful projects across the platform and assist in defining the internal team processes. You will be directly influencing the security posture of many products and systems across the company. 

About the Job 

• Design, implement and ship high-quality security features for the product and internal tools across Instacart with a strong sense of urgency and accountability such as:
• Secrets & Vulnerability management
• IAM and Zero Trust
• Platform abuse prevention & mitigation 
• Data analytics hardening 
• Work closely with product managers, designers, data scientists, and peer engineering teams to define project requirements and execution plans.
• Identify unaddressed areas of security weakness and help the teams come up with efficient and scalable solutions.
• Provide software engineering resource for sister teams in the areas of infrastructure hardening, detection, and response
• Participate in the team’s on-call by handling and running security incidents

About You

MINIMUM QUALIFICATIONS

• 5+ years of experience in Security Engineering or related role
• Strong knowledge of common back-end web technologies (such as Ruby on Rails, Python, Golang, SQL, etc.) in a large scale distributed system environment
• Experience with threat modeling, security assessments, product security concepts, and security architecture reviews
• An ability to make data-driven decisions & prioritize initiatives that improve key security metrics
• An ability to balance a sense of urgency with shipping high-quality and pragmatic solutions.
• Strong self-management and organizational skills
• Experience developing tools and automation using common devops toolsets and programming languages

PREFERRED QUALIFICATIONS

• Bachelor’s degree in Computer Science, Engineering, Math or related work experience
• In depth knowledge on the best remediation techniques for different application vulnerabilities and the ability to explain them to product teams
• An ability to create written work products and detailed technical documents to work effectively with cross functional teams and drive alignment on security objectives and plans.
• Breaker experience, such as web/application penetration testing
• Experience working with highly ephemeral environments
• A security-related or architecture-related certification such as CISSP, OSCP, CEH

About the Team

Come help us build the world's most trusted on-demand, logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers.

About the Role

The Corporate Security Engineering team is designing and building DoorDash’s next generation defense for the ever-changing landscape of the DoorDash corporate environment. From collaboration systems, endpoint hardening, AI proliferation in internal workflows and 3rd Party Services, to whatever the next big trend in the tech industry is, the Corporate Security Engineering team is responsible for making sure we have appropriate controls in place to keep customer and company data safe. More importantly, your north star is making security usable, breaking down bad habits and click fatigue in favor of solutions that improve security posture while enabling the business to move faster. Occasional travel is required for major planning meetings and to maintain supportive relationships with your direct reports.

You’re excited about this opportunity because you will…

• Protect the DoorDash brand by making it harder for threat actors to impersonate our email, web presence, and overall brand
• Build tooling to solve both security and usability problems, making it easier for people to do the right thing, and harder to do the wrong thing
• Secure our brand integrity through securing communication channels and collaboration systems
• Serve as an architect in solutioning, implementing and the productionalizing systems and services that interact with all classifications of corporate data
• Manage vendor relationships, ensuring we’re using the product correctly and to its full capability 
• Secure the endpoint-to-endpoint model, from device to remote resource, making sure ts is who they say they are and they are accessing what they’re supposed to be accessing
• Work with employees, vendors, merchants, dashers and more to learn of their problem statements
• Partner with IT as we continue to grow our device and identity solutions 
• Translate policies and procedures into workflows and capabilities

We’re excited about you because…

• Have 5+ years of security engineering with a focus in corporate systems or equivalent industry experience
• You are a builder at heart, with a strong development background in Golang, Python or TypeScript
• You have experience building and refining Data Loss Prevention (DLP) solutions and rulesets, reducing false positives
• You have a successful track record implementing device security, attestation, and authorization
• You get excited about securing services like Google, Okta, Slack, and preventing abuse through SPF, DKIM and DMARC posturing
• You are an effective threat modeler, making sure integrations and business partners are held to a high security standard when connecting to our environment
• You prioritize progress over perfection, understanding that iterative improvements often outperform waiting for ideal solutions.
• Are adept at working in a very fast-paced, diverse environment and are comfortable wearing multiple hats to achieve strong security outcomes across multiple organizations

Nice to Have

Experience with these specific technologies or similar alternatives is not required but helpful.

• Experience maintaining or contributing to open-source projects
• Experience with Terraform, AWS and GCP
• Experience with the lowest level of networking, deciphering a tcpdump with ease

About DoorDash

At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team members who can help us go from a company that is known for delivering food to a company that people turn to for any and all goods.

DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more.

Our Commitment to Diversity and Inclusion

We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel.

Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination.

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

If you need any accommodations, please inform your recruiting contact upon initial connection.

Compensation

The location-specific base salary range for this position is listed below.  Compensation in other geographies may vary.

Actual compensation within the pay range will be decided based on factors including, but not limited to, skills, prior relevant experience, and specific work location.  For roles that are available to be filled remotely, base salary is localized according to employee work location.  Please discuss your intended work location with your recruiter for more information.

DoorDash cares about you and your overall well-being, and that’s why we offer a comprehensive benefits package, for full-time employees, that includes healthcare benefits, a 401(k) plan including an employer match, short-term and long-term disability coverage, basic life insurance, wellbeing benefits, paid time off, paid parental leave, and several paid holidays, among others.

In addition to base salary, the compensation package for this role also includes opportunities for equity grants.

We expect this position to be filled by 7/9/2024.

At Webflow, our mission is to bring development superpowers to everyone. Webflow is the leading visual development platform for building powerful websites without writing code. By combining modern web development technologies into one platform, Webflow enables people to build websites visually, saving engineering time, while clean code seamlessly generates in the background. From independent designers and creative agencies to Fortune 500 companies, millions worldwide use Webflow to be more nimble, creative, and collaborative. It’s the web, made better. 

We’re looking for a Staff Application Security Engineer to help us level up Webflow’s secure development practices ranging from secure coding, tooling, and improving procedures.

About the role 

• Location: Remote-first (United States; BC & ON, Canada) 
• Full-time 
• Permanent
• Exempt 
• The cash compensation for this role is tailored to align with the cost of labor in different geographic markets. We've structured the base pay ranges for this role into zones for our geographic markets, and the specific base pay within the range will be determined by the candidate’s geographic location, job-related experience, knowledge, qualifications, and skills.
  • United States  (all figures cited below in USD and pertain to workers in the United States)
    • Zone A: $191,600 - $260,600
    • Zone B: $180,100 - $245,000
    • Zone C: $168,600 - $229,350 
  • Canada  (All figures cited below in CAD and pertain to workers in ON & BC, Canada)
    
    • CAD 217,000 - CAD 296,350

• Please visit our Careers page for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.

• Reporting to the Manager, AppSec

As a Staff Application Security Engineer, you’ll … 

• Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
• Bring security best practices to the software development lifecycle.
• Work as part of a team to champion security standards while balancing business strategies and requirements.
• Support Webflow’s security current and future compliance frameworks
• Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
• Contribute code and architecture improvements to enable security within Webflow’s application for engineers.
• Cross-train entry and mid-level application security engineers

In addition to the responsibilities outlined above, at Webflow we will support you in identifying where your interests and development opportunities lie and we'll help you incorporate them into your role.

About you 

You’ll thrive as a Staff Application Security Engineer if you:

• Has 7+ years of experience in application security
• Has led medium to large application security programs 
• Has led and delivered multi-quarter/complex security projects
• Has experience mentoring other application security engineers
• Led application security roadmaps in collaboration with engineering teams and organizations.
• Significant experience penetration testing, finding and developing high complexity application vulnerabilities.

Our Core Behaviors:

• Obsess over customer experience.We deeply understandwhatwe’re building andwhowe’re building for and serving. We define the leading edge of what’s possible in our industry and deliver the future for our customers.
• Move with heartfelt urgency.We have a healthy relationship with impatience, channeling it thoughtfully to show up better and faster for our customers and for each other. Time is the most limited thing we have, and we make the most of every moment.
• Say the hard thing with care.Our best work often comes from intelligent debate, critique, and even difficult conversations. We speak our minds and don’t sugarcoat things — and we do so with respect, maturity, and care.
• Make your mark.We seek out new and unique ways to create meaningful impact, and we champion the same from our colleagues. We work as ateamto get the job done, and we go out of our way to celebrate and reward those going above and beyond for our customers and our teammates.

Benefits & wellness

• Equity ownership (RSUs) in a growing, privately-owned company
• 100% employer-paid healthcare, vision, and dental insurance coverage for employees and dependents (full-time employees working 30+ hours per week), as well as Health Savings Account/Health Reimbursement Account, dependent care Flexible Spending Account (US only), dependent on insurance plan selection where applicable in the respective country of employment; Employees may also have voluntary insurance options, such as life, disability, hospital protection, accident, and critical illness where applicable in the respective country of employment
• 12 weeks of paid parental leave for both birthing and non-birthing caregivers, as well as an additional 6-8 weeks of pregnancy disability for birthing parents to be used before child bonding leave (where local requirements are more generous employees receive the greater benefit); Employees also have access to family planning care and reimbursement
• Flexible PTO with a mandatory annual minimum of 10 days paid time off for all locations (where local requirements are more generous employees receive the greater benefit), and sabbatical program
• Access to mental wellness and professional coaching, therapy, and Employee Assistance Program
• Monthly stipends to support health and wellness, smart work, and professional growth
• Professional career coaching, internal learning & development programs
• 401k plan and pension schemes (in countries where statutorily required) financial wellness benefits, like CPA or financial advisor coverage
• Discounted Pet Insurance offering (US only)
• Commuter benefits for in-office employees

Be you, with us

At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity (EEO)/Veterans/Disabled Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law. Pursuant to the San Francisco Fair Chance Ordinance, Webflow will consider for employment qualified applicants with arrest and conviction records.

Stay connected

Not ready to apply, but want to be part of the Webflow community? Consider following our story on our Webflow Blog, LinkedIn, X (Twitter), and/or Glassdoor.

Please note:

To join Webflow, you'll need valid U.S. or Canadian work authorization depending on the country of employment.

If you are extended an offer, that offer may be contingent upon your successful completion of a background check, which will be conducted in accordance with applicable laws. We may obtain one or more background screening reports about you, solely for employment purposes.

For information about how Webflow processes your personal information, please reviewWebflow’s Applicant Privacy Notice. 

About the Role:

The Tubi Security team is responsible for securing Tubi and Adrise applications and infrastructure. As a member of the Tubi Security team, the Staff Cloud Security Engineer will be responsible for securing the cloud infrastructure of both applications. Candidates for this should have a passion for reducing security risks in a cloud environment while building great partnerships with key stakeholders and engineers. 

Responsibilities:

• Design, implement, and maintain secure architecture and infrastructure components, including networks, systems, and cloud environments, in accordance with industry best practices and regulatory requirements
• Develop and deploy security controls and monitoring systems to detect and prevent security threats, intrusions, and vulnerabilities
• Conduct and perform security reviews, threat models, and security assessments to identify and remediate security weaknesses
• Build automation and tools for security fixes and policy enforcement
• Participate in incident response, red/blue team exercises, and vulnerability triage 

Qualifications:

• 8+ years of experience in cybersecurity with a focus on cloud and infrastructure security
• Deep understanding of cloud security architecture (AWS preferred) and network security
• Hands-on experience with SIEM, WAF and DDOS prevention tools
• An understanding of security best practices, frameworks and principles such as OWASP Top 10, NIST CSF, SLSA Framework, and zero-trust
• Great understanding of modern cloud technology components and deployment pattern such as containers, Kubernetes, infrastructure as code, etc
• Experience performing threat models and risk assessments
• Familiarity with compliance and privacy regulations such as SOX and GDPR
• Excellent communication and problem solving skills with proven ability to collaborate effectively with technical and non-technical stakeholders

#LI-MQ1 

As a Senior Security Engineer on our Detection and Response team, you will help detect and respond to threats for one of the biggest online platforms in the world that handles massive amounts of traffic at very low latency.

We are looking for a teammate with expertise in both security engineering and operations and that values the complement between the two. You will have the opportunity to build and integrate tooling and detections, as well as investigate threats and lead incidents. As part of the larger Security organization, we make risk-informed decisions and prioritize automations to help us scale. In this role, you will help design, build, and mature our detection and response program, enabling rapid detection and effective response to threats against Fastly.

What You'll Do:

• Develop detections and other analytics to identify threats across cloud, corporate, and edge environments
• Partner closely with Engineering, Security Architecture, Risk Management, Compliance, and other teams to prioritize detections and delivery of other security initiatives
• Triage and investigate security threats and lead security incidents
• Research, evaluate, implement, and maintain a variety of custom and commercial security tools, such as Endpoint Detection and Response (EDR), anti-phishing, and Security Information and Event Monitoring (SIEM)
• Develop strategies, frameworks, designs, automations, metrics, and processes to support the maturity of the Detection and Response program
• Develop and maintain incident response playbooks and other detection and response documentation
• Conduct threat hunts to discover unknown malicious activity across our environment
• Participate in our on-call rotations
• Mentor other team members and contribute to larger Security initiatives

What We're Looking For: 

At Fastly we value a diversity of voices. The following is not a laundry list, but to be effective in this role you should possess most of the following and an interest in learning more about the rest:

• Experience in utilizing Splunk to include investigating threats, developing metrics and dashboards, normalizing data feeds, and integrating with other tools
• Familiarity of attacker tactics, techniques, and procedures (TTPs) and investigating advanced threats
• Experience in evaluating, implementing, configuring, tuning, and maintaining Endpoint Detection and Response solutions
• Experience with at least one major public cloud infrastructure, such as Amazon Web Services (AWS) or Google Cloud Platform (GCP)
• Experience in effectively leading large and complex security incidents from detection to remediation
• Familiarity with modern security frameworks and best practices, such as the MITRE ATT&CK framework and NIST CSF
• Proficiency in one or more general purpose programming languages such as Python, Ruby, Go, or Rust
• Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation

We’ll be super impressed if you have experience in any of these: 

• Developed “detections-as-code”
• Conducted threat hunts
• Published research on detection engineering or threat intelligence
• Developed automations to improve security operations
• Familiarity with content delivery networks (CDN), edge cloud platforms, or other Fastly products and services

Work Hours:

This position will require you to be available during core business hours and support an on-call rotation. 

Work Locations & Travel Requirements: 

This position is open to both hybrid and remote work. 

The preferred locations for this position are:

• San Francisco, CA 
• Los Angeles, CA 
• Denver, CO 
• New York City, NY

Fastly currently embraces a largely hybrid model for most roles which allows employees flexibility to split their time between the office and home.  

We are willing to consider remote candidates in US (Remote). 

This position may require travel as required by your role or requested by your manager.

Salary: 

The estimated salary range for this position is $155,370 to $194,210.

Starting salary may vary based on permissible, non-discriminatory factors such as experience, skills, qualifications, and location.

This role may be eligible to participate in Fastly’s equity and discretionary bonus programs.

Benefits: 

We care about you. Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits that start on the first day of your employment with Fastly. Curious about our offerings? 

We offer a comprehensive benefits package including medical, dental, and vision insurance. Family planning, mental health support along with Employee Assistance Program, Insurance (Life, Disability, and Accident), a Flexible Vacation policy and up to 18 days of accrued paid sick leave are there to help support our employees. We also offer 401(k) (including company match) and an Employee Stock Purchase Program. For 2024, we offer 10 paid local holidays, 11 paid company wellness days. 

About the role:

As a member of our Security Operations Team, you will collaborate with a global team of engineers to monitor and respond to security events, lead security incidents as Incident Commander, and lead digital forensic investigations in support of Employee Relations, Legal, Compliance or Information Security cases.

You will collaborate with leadership and a diverse team of engineers on security initiatives across the company including shaping the future of our digital forensic capabilities at Samsara.

Although you will be highly focused on digital forensics work, you will also have the opportunity to create automated workflows, and assist in process refinement and implementation. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner.

This role requires availability during PST business hours, including being on call.

You should apply if:

• You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
• You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, countless opportunities to experiment and master your craft in a hyper growth environment.
• You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
• You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best. 

Click hereto learn more about Samsara's cultural philosophy. 

In this role, you will: 

Monitor security events and provide technical analysis on alerts

• Lead information security incidents by developing the incident response strategy, lead the execution through incident closure, while providing incident updates to key stakeholders throughout the incident
• Mentor and growstaff on engineering projects and digital forensic investigations
• Assist with developingSamsara’s digital forensic capabilities
• Deliver security guidance clearly and concisely for cloud and enterprise infrastructure initiatives
• Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations and incident response
• Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices

Minimum requirements for the role:

• 4+ years of experience in host-level digital forensics, endpoint detection & response, and forensic analysis tools (e.g. EnCase, FTK, Volatility)
• One of more of the following certifications:
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Forensic Analyst (GCFA)
• EnCase Certified Examiner (EnCE)
• Certified Forensic Computer Examiner (CFCE)
• Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
• Ability to build scripts or tools to support Samsara’s incident investigation processes, with a proficiency in Python
• Mentor and train security operation engineers on data collection, analysis and reporting technical analysis
• Experience designing and implementing engineering solutions and tools for digital forensic capabilities
• Practical experience acting as a lead during security incident response, including triage, and coordinating across teams

An ideal candidate also has:

• Experience in security competitions, CTFs, and/or testing platforms
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Splunk certifications