Security Incident Response Engineer
San Francisco, CA
Launched in 2011, Twitch is a global community that comes together each day to create multiplayer entertainment: unique, live, unpredictable experiences created by the interactions of millions. We bring the joy of co-op to everything, from casual gaming to world-class esports to anime marathons, music, and art streams. Twitch also hosts TwitchCon, where we bring everyone together to celebrate, learn, and grow their personal interests and passions. We’re always live at Twitch. Stay up to date on all things Twitch on LinkedIn, Twitter and on our Blog.
About the Role
Twitch is looking for someone to join our Security Incident Response Team (SIRT). Reporting to the Director of Security Incident Response, our SIRT’s mission is to help Twitch find, communicate about, handle, recover from, and learn from security incidents.
If you're already on a SIRT or doing similar work, we hope you’ll consider joining our SIRT. If you're looking to progress in your career in information security, and have experience in security monitoring, incident handling, threat intelligence, and digital forensics, we encourage you to apply for this job. We find security generalists and people with exposure to related fields to be highly effective; if you think your skills align well with even some of what you think security incident response at Twitch might be, given our mission, we encourage you to apply for this job.
- Participate in an on-call rotation that includes your peers on the SIRT
- Qualify reports or alerts of activity as security incidents using clear guidelines that establish what a security incident is
- Evaluate the potential and realized impact of security incidents to Twitch
- Analyze threat actor tactics, techniques, and procedures
- Perform malware analysis, host forensics, and network forensics
- Participate in information sharing groups; communicate securely and responsibly
- Write and follow clear procedures so that our work can be accountable, repeated, measured, and improved
- Communicate with peers and leadership about who did what to what, when, with what potential and realized impact, how we discovered it, and how we’re handling it
- Coordinate security incident response activities with affected teams to do the right thing for our customers and our organization
- Learn from incidents, not dogma; share SIRT data with the Security organization and with Twitch
- Identify detective and preventative technology and automation to reduce the impact of security incidents to Twitch
- Build, deploy, tune, and automate the detective and preventative technology and automation you select with help from dedicated Security Architecture, Security Engineering, and Application Security teams
- 5+ years relevant experience doing information security work or equivalent BS degree in Information Security, Information Systems, Computer Science, Computer Engineering, or other related fields
- Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
- Automation experience using scripting or programming languages (Go, Python, Ruby, Shell)
- MS degree in Computer Science, Computer Engineering, Electrical Engineering, or 8+ years’ equivalent technology experience
- Experience coordinating responses to security incidents
- Extensive knowledge of internet security issues and threat landscape
- Well-rounded background in cloud, host, network, and application security
- Medical, Dental, Vision and Disability Insurance, 401(k), Maternity and Parental Leave, Flexible PTO, Commuter Benefits, Amazon Employee Discount, Monthly Contribution and Discounts for Wellness Related Activities and Programs (e.g., gym memberships, off-site massages), Breakfast, Lunch and Dinner Served Daily, Free Snacks and Beverages.
We are an equal opportunity employer and value diversity at Twitch. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.