Senior Security Incident Response Engineer

About AlphaSense: 
AlphaSense is a market intelligence platform used by the world’s leading companies and financial institutions. Our AI-based technology helps professionals make smarter business decisions by delivering insights from an extensive universe of public and private content—including company filings, event transcripts, news, trade journals, and equity research.

• Total of $525M+ in VC funding – Series D funding in Jun’22 with a valuation of $1.7B
• Trusted by 3,500+ enterprise customers, including a majority of the S&P 500.
• 1000+ people across offices in the U.S., U.K., Finland, and India

The Role :
As members of AlphaSense's Core Security Sub Team, The Incident Response Team detects, manages, and remediates security incidents across AlphaSense. Security Incident Response Team (SIRT) works to create and maintain a safe and secure operating environment for the organization and its customers and responds to active security incidents. As a Security Engineer on SIRT, you will build and maintain the tools we use to detect and respond to emerging threats in efficient and scalable ways, respond to security incidents and drive them to resolution, and develop and deploy preventative security measures for the AlphaSense organization and the core research platform. Successful Security Engineers thrive in high-stress environments and can think like both an attacker and defender, engage with and mentor more junior Security Engineers, and can help come up with proactive and preventative security measures to keep AlphaSense and its user’s data safe in an ever-changing threat landscape.

Responsibilities :

• Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats
• Monitor and analyze emerging threats, vulnerabilities and exploits
• Develop and implement scalable preventative security measures (detection, monitoring, exploitation)
• Incorporate current security trends, advisories, publications, and academic research
• Communicate risks and mitigations across multiple audiences
• Detect and independently respond to security incidents across the organization or alpha-sense.com
• Conduct proactive threat hunting based on threat intel
• Perform forensic analysis of infected hosts independently
• Analyze network traffic and identify attacker activity
• Mentor other members of the Security Incident Response Team
• Build and maintain scalable log ingestion and analytics platforms and tooling
• Perform root cause analysis (RCA) and incident reviews

Requirements :

• Bachelors in Computer science or a similar field.
• Strong scripting experience in python, bash, or similar language.
• Experience with designing and implementing processes and tools to improve incident handling and resolution.
• Experience with AWS or GCP with a focus on threat hunting, cloud trail, and cloud watch.
• Technical knowledge of systems in a multi-tenant, cloud environment.
• Proficiency in communicating over a text-based medium (Slack, Jira Issues, Email) and can succinctly document technical details.
• A minimum of 2 years of experience working with incident response, forensics, and investigation.
• Excellent written and verbal communication skills.
• Capability to build working relationships with key stakeholders.
• Experience with operating system internals and hardening, web application and browser security, monitoring, intrusion detection, and SIEM tools.

Nice to Have

• 5+ years of demonstrated experience in cloud & enterprise security, and log aggregation.
• GCIH or similar SANS certification.
• Experience with SIEM deployment and tools such as Datadog, Splunk, Exabeam, and managed incident response teams.