Detection & Response Engineer

Posted 22 June 2021
SalaryCompetitive
LocationSan Francisco
DisciplineCyber Security
Reference43733
Contact NameGreg Anderson
Remote working Remote

Job description

ROLE OVERVIEW

As a Detection and Response Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience hypergrowth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.

YOU MIGHT WORK ON
  • Investigating security events across the organization using your experience and knowledge in multiple security domains (log analysis, digital forensics, or malware analysis).
  • Creating, deploying and maintaining high signal threat detections based on your understanding of threat actor TTPs.
  • Architecting a highly scalable incident response process by developing, applying and refining automation for steps of the Incident Response life cycle
  • Coordinating cross functional incident response during security incidents, assisting partner teams during non-security incidents
  • Researching new detection mechanisms for attack vectors and techniques relevant to our space and presenting findings to both internal and external audiences.
  • Evaluating external tooling, developing new automation and tooling.
  • Helping to rapidly scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.
ABOUT YOU
  • 5-10 years of Detection and Response (Detection Engineering, Digital Forensics, Incident Response, and/or Threat Intelligence)
  • Strong communicator with both words and data - you have experience communicating to a wide variety of stakeholders under varying conditions
  • Experience as an incident responder responsible for leading large scale incidents
  • Technical leadership skills (you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy)
  • Ability to lead complex and major projects in ambiguous situations through influence and not authority.
  • Practical experience with attacker tactics, techniques, and procedures
  • Comfortable with complexity in the short term but can build towards simplicity in the long term
  • Relevant development experience in at least one scripting language, preferably Python
  • Plus: Contributions to the security community via talks, papers, blogs, projects, CVEs, etc.