Listing Description
About The Role & Team
As the Staff Security Engineer, Detection & Response Lead, you will develop and maintain standard procedures and protocols to ensure Detection & Response meets operational requirements at Amplitude. You’ll build programs including Threat Detection & Engineering, Security Incident Response, Security Operations, Threat Intelligence, and Forensics. You are a subject matter expert in incident response process, cyber forensics, and industry best practices. You’ll have overall accountability for a timely and appropriate response to security threats and incidents.
As a Staff Security Engineer, D&R, you will:
- Partner with Engineering (infrastructure, data, appdev) to establish comprehensive visibility into potential risk events across a cloud-native environment
- Construct an agile, threat intelligence-driven continuous improvement process that leverages purple-team techniques and hypothesis-based threat hunting
- Create and refine telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events efficiently
- Manage risks by implementing robust security capabilities for repeatable, predictable outcomes and maturation, and by coordinating incident response workflows
- Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure
You'll be a great addition to the team if you have:
- 10+ years of progressively responsible work experience in security engineering, threat management, and incident response
- Strong working knowledge of and working experience with security frameworks (MITRE, kill chain, Diamond), TTPs, and program frameworks (NIST, ISO)
- Deep understanding of best practices in and strong technical knowledge of distributed systems and cloud technology AND application security OR infrastructure security
- Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents
- Ability to assess cost/benefit trade-offs of security initiatives in the context of overall business risk mitigation and Amplitude’s operational objectives
Who We Are
The Company: Amplitude is filled with humble, life-long learners who are eager to help one another and the company succeed. Our values of growth mindset, ownership, and humility are core to the way we work: we’re tenacious in the face of challenges, we take the initiative to solve problems that drive our shared success, and we operate from a place of empathy and openness, seeking to understand many points of view.
We care about the well-being of our team: along with excellent health insurance, we offer flexible time off, a monthly wellness stipend, a generous parental leave, a subscription to Modern Health, and a generous Learning & Development stipend.