Incident Response Engineer
We're looking for an experienced Security Incident Response Engineer to join our Core Security team at Zapier.
You will need to apply your incident handling, log analysis, and engineering skills in order to guide investigations, improve security tools, and help build security incident workflows at Zapier. You will be an Incident Handler as part of the Security Incident Response Team as well as be the key owner of our Vulnerability Management program. Additionally, you will be responsible for creating, analyzing, and correlating complex security events from a distributed and global environment to keep Zapier secured.
To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier:
Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
You’re a skilled Security Incident Response Engineer. You have 3+ years of experience working in security monitoring and incident response or security operations. You understand the tactics, techniques, and procedures of advanced attackers and how to monitor, detect and alert for them. You are hands-on and have in-depth knowledge of security monitoring and incident response tools (SIEM, IDS, IPS, EDRs). You have hands-on experience working with Vulnerability Management tools and processes.
You thrive on ownership over processes or tools. You are well organized and love to create clean, comprehensive and easy-to-follow guidelines for others to use when you're not around. You tend to document everything that you do and are eager to collaborate on and improve tools and processes.
You’re familiar with Cloud Security. You understand AWS security best practices, and have experience investigating AWS events and findings.
You’re an excellent written communicator. You tend to document everything you do. We’re a 100% remote team, and writing is our primary means of communication at Zapier. You also have the ability to leverage multiple forms of communication to articulate complex concepts to both technical and non-technical staff, including senior management.
You’re creative and resourceful. You’re no stranger to using inventive thinking to solve an investigation. You make the most of what you have at the time, and are not afraid to make quick decisions during stressful situations.
You believe relationships are critical to success. Whether during an incident or as general practice, you strive to bring people together to create the best result you can. You have a history of collaboration across company teams, and can quickly build trust with cross-functional groups and external agencies. And you simply have great interpersonal skills and love for a team environment.
You’re solid at time management and automation. Automation is your go-to when solving problems. You’ll juggle a variety of fast-moving security projects, including building the Vulnerability Management program and helping lead security incidents. As a part of a distributed team, you’ll be trusted to work with minimal supervision. As a part of a growing company, you have an opportunity to make a big impact, and you’re keen to build processes that’ll make your job more efficient over time.
Things You’ll Do
- Participate in and lead the security incident response process for identified and escalated security events
- Build the Vulnerability Management program
- Respond to security incident alert sources (e.g. EDR findings, security feeds, and incident alerts)
- Analyze security events from cloud (AWS) infrastructure
- Be a key player in engineering security-monitoring tools in order to improve detection
- Coordinate with teams to implement vulnerability scanning and to classify and remediate the findings
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Automate solutions to repetitive problems/tasks using languages and frameworks such as Python, Cloud Custodian, Terraform, and others
- You will be a member of the Incident Response Team, monitoring the networks and hosts for security breaches and investigating a violation when one occurs
- Participate in Red-Team and Purple Team exercises
- Research and blog internally and externally about the latest information security trends
- Help identify and implement security enhancements throughout the organization
- As a part of our All Hands Support initiative, help our customers have the best possible experience with Zapier
Zapier helps people across the world automate the boring and tedious parts of their job. We do that by helping everyone connect the web applications they already use and love.
We believe that there are jobs a computer is best at doing and that there are jobs a human is best at doing. We want to empower businesses to create processes and systems that let computers do what they are best at doing and let humans do what they are best at doing.
We believe that with the right tools, you can have a big impact with less hassle.
We believe in small teams. Small teams are fast and nimble. Small teams mean less bureaucracy and less management and more getting things done.
We believe in a safe, welcoming, and inclusive environment. All teammates at Zapier agree to a code of conduct.
The Whole Package
- Competitive salary (we don't use remote as an excuse to pay less)
- Great healthcare + dental + vision coverage*
- Retirement plan with 4% company match*
- Profit sharing
- 2 annual company retreats to awesome places
- 14 weeks paid leave for new parents of biological or adopted children
- Pick your own equipment. We'll set you up with whatever Apple laptop + monitor combo you want plus any software you need.
- Unlimited vacation policy. Plus we require you to take at least 2 weeks off each year. We see most employees take 4-5 weeks off per year. This isn't a vague policy where unlimited vacation means no vacation.
- Travel of 5% - 10% for company retreats which rotate to various cities throughout North America. We will resume retreats when it’s safe to travel again. Retreats typically take place twice a year as a company, once a year as a team. All expenses paid (flights, meals, transportation, etc.).
- Work with awesome companies around the world. We partner with great software companies all over the world and you'll constantly get to interact with people from these great companies
*While we take care of our international folks as best we can, currently, healthcare and retirement plans are only available to US-based employees.
How to Apply
We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate. Please make sure to answer each question.
After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.
Optional: Share anonymously some demographic information about yourself to help us better track trends related to the backgrounds of candidates interested in working at Zapier in order for us to build a team that represents the users at Zapier and the broader world population.
Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people no matter their race, color, gender, sexual orientation, religion, national origin, physical or mental disability, or age. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.