Listing Description
As a Senior Incident Response Security Engineer you will be on the front lines of securing people’s healthcare and personal information at scale. This role isn’t for button pushers, software engineers, or computer scientists. This role is for security practitioners. We expect you to do everything from leading high severity security incidents to resolution, implementing the latest detection techniques, and driving custom automations and integrations to enhance response workflows. This position will constantly challenge you to learn new skills and apply yourself in different ways towards our mission of advancing security in the healthcare industry.
In this role, you will be expected to collaborate with individuals from across all levels and functions within the organization. You will partner with these teams on security issues that often have ambiguous solutions, and work to design solutions that align with broader organizational goals. This will require partnership and persuasion to gain the support and commitment of others while optimizing work processes by identifying opportunities to improve.
As a member of the One Medical Security team you will be joining a team of highly technical people focusing on having a meaningful impact on the company and the greater healthcare industry. We operate with a ‘team first’ mentality focusing on collaboration to move the security needle forward. Our drive for team success is tied closely with our commitment to personal growth; every team member is empowered to pursue research and contribute to projects that are not strictly defined by their role.
What you'll work on:
Monitoring, detecting, and responding to security events across our infrastructure
Leading efforts with cross-functional teams to drive investigation, containment and remediation efforts during incidents
Driving the development of new and novel solutions for detecting and mitigating threats against One Medical
Interrogating network and host artifacts originating from multiple operating systems and/or applications
Building automation between tools and systems utilizing APIs to help create efficient detection & response workflows
Leading security projects that help to improve the company's security posture, as well as the industry itself
Participating in security research, presentation, and security industry collaboration
You’ll be set up for success if you have:
3+ years of experience in Security Detection & Response
2+ years of experience with any scripting language (Python, JavaScript, Bash, Go, Ruby, etc.)
Significant experience leading incidents and familiarity with the phases involved in the IR Lifecycle from start to finish (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned)
Demonstrated ability to analyze and correlate data from a wide variety of external and internal sources for technical investigations
Experience in writing high signal detections using logs ingested from multiple sources throughout our infrastructure
Strong investigative mindset with acute attention to detail to facilitate root cause analysis
Experience writing, reading, and debugging regular expressions
The ability to think critically to solve complex security problems and design efficient solutions using knowledge of security threats, attack vectors, vulnerabilities and exploits
The ability to think strategically & understand how different cross-functional programs within the Technology org align together to improve the security posture of the company
Nice to Have:
Experience with common security tools such as Splunk, Bro, Suricata, OSQuery, AWS Lambda, ELK
Experience performing dynamic analysis of malware to develop signatures and countermeasures
Forensic experience in at least one major operating system platform (Windows, OS X, or Linux)
Experience performing offensive assessments, penetration testing, exploit development, or vulnerability analysis
Experience developing and maintaining relationships with members of the Information Security, Threat Intelligence, and Law Enforcement communities
Contribution to the security community such as presenting at conferences, publishing research articles, or open source projects
Listing Details
- Citizenship: US Citizen
- Incentives: Stock Options
- Education: No Requirements
- Travel: No Travel
- Telework: No Telecommute