Staff Security Engineer, Detection & Response
San Francisco, CA
Applications have closed
Amplitude
Build better products by turning your user data into meaningful insights, using Amplitude's digital analytics platform and experimentation tools. Amplitude is a leading digital analytics platform. More than 1,800 customers, including Atlassian, Chick-fil-A, Marks & Spencer, NBCUniversal, PayPal, Shopify, and Under Armour rely on Amplitude to gain self-service visibility into the entire customer journey. With Amplitude, teams can understand what product features are working, where users are getting stuck, and what actions lead to the right outcomes. As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.
Amplitude’s Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables creation of better products, ability to solve complex problems, and drive more powerful solutions. In order to make diversity possible, we commit to striving to create an environment of inclusion: an environment focused on psychological safety, empathy, and human connection, which will allow employees of all backgrounds to feel the care they need to thrive.
About The Role & Team
As the Staff Security Engineer, Detection & Response Lead, you will develop and maintain standard procedures and protocols to ensure Detection & Response meets operational requirements at Amplitude. You’ll build programs including Threat Detection & Engineering, Security Incident Response, Security Operations, Threat Intelligence, and Forensics. You are a subject matter expert in incident response process, cyber forensics, and industry best practices. You’ll have overall accountability for a timely and appropriate response to security threats and incidents.
As a Staff Security Engineer, D&R, you will:
- Partner with Engineering (infrastructure, data, appdev) to establish comprehensive visibility into potential risk events across a cloud-native environment
- Construct an agile, threat intelligence-driven continuous improvement process that leverages purple-team techniques and hypothesis-based threat hunting
- Create and refine telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events efficiently
- Manage risks by implementing robust security capabilities for repeatable, predictable outcomes and maturation, and by coordinating incident response workflows
- Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure
You'll be a great addition to the team if you have:
- 10+ years of progressively responsible work experience in security engineering, threat management, and incident response
- Strong working knowledge of and working experience with security frameworks (MITRE, kill chain, Diamond), TTPs, and program frameworks (NIST, ISO)
- Deep understanding of best practices in and strong technical knowledge of distributed systems and cloud technology AND application security OR infrastructure security
- Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents
- Ability to assess cost/benefit trade-offs of security initiatives in the context of overall business risk mitigation, and Amplitude’s operational objectives
Who We Are
The Company: Amplitude is filled with humble, life-long learners who are eager to help one another and the company succeed. Our values of growth mindset, ownership, and humility are core to the way we work: we’re tenacious in the face of challenges, we take the initiative to solve problems that drive our shared success, and we operate from a place of empathy and openness, seeking to understand many points of view.
We care about the well-being of our team: along with excellent health insurance, we offer flexible time off, a monthly wellness stipend, a generous parental leave, a subscription to Modern Health, and a generous Learning & Development stipend.
The Product: Amplitude is a digital analytics platform – we help companies understand their users, rapidly release better product experiences, and ultimately grow their business. We’re super proud of what we’ve built and continue to expand: a platform that empowers companies to thrive in the digital era.
Other fun facts about Amplitude:
- G2: #1 product analytics solution and #3 best software product
- Business Insider: A top tech company to bet your career on
- Fast Company: #3 most innovative enterprise company in the world
- Amplitude went public via a direct listing in September 2021 and is now trading under the ticker AMPL.
- Founded in 2012, Amplitude is backed by Benchmark Capital, Sequoia Capital, IVP, Battery Ventures, Y Combinator and other top tier investors.
- We’re a global and fast-growing team! We have offices in San Francisco (HQ), New York, Vancouver, Amsterdam, London, Paris, Singapore, and employees around the world.
- Our mascot is the datamonster, who loves to chow down on numbers, charts, and graphs. Nom nom.
Amplitude provides equal employment opportunities (EEO). All applicants are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation.
Tags: Agile Analytics Application security Cloud Forensics Incident response NIST Threat detection Threat intelligence TTPs Vulnerability management
Perks/benefits: Career development Flex hours Flex vacation Gear Health care Insurance Parental leave Startup environment Team events Wellness