Security Engineer - Detection & Response
Remote (US and Canada only)
Plaid Inc.
Plaid helps companies build fintech solutions by making it easy, safe and reliable for people to connect their financial data to apps and services.
We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo and SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 11,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Salt Lake City, Washington D.C., London and Amsterdam.
The mission of Plaid's Security Operations Team is to secure environments for our employees, development, and services. We achieve this by implementing controls that ensure security in the background, measuring effectiveness and adjusting controls. We also monitor and respond to issues that occur in those environments, address events, and reduce risk exposure.
As a Detection & Response Engineer on the Security Operations team, you will be responsible for building and optimizing the detection and alerting tools that drive our response processes. You will investigate existing signal sources from our platform and enterprise environments, identifying patterns of concern for detection and alerting. You will build automated response mechanisms that enable rapid data enrichment or containment of newly arisen risks. You will work across security teams to address gaps in signal coverage, improving overall visibility to emerging threats. Major projects may include building a log/telemetry aggregation and detection platform, automated remediation tooling, implementing new logging mechanisms, discovering risky patterns in security event streams, and defining runbooks for manual response processes where needed.
We're guided by our principles, including impact, growing together, embracing openness and positivity, and inventing tomorrow; we're looking for leaders motivated by those same principles.
What excites you
- Identifying patterns in signals and logs that indicate potential threats and risks to the organization
- Building automation that reduces response complexity and time to remediation for security concerns
- Identifying gaps in security signals and working with engineering teams to surface the necessary data
- Evaluating technologies for improving security defenses
- Integrating security controls across cloud-native and third-party tools
What excites us
- Background working in security engineering organizations, specifically on the detection and response side
- Strong familiarity with Python, Go and/or other scripting/coding languages
- History of understanding common secure patterns and detecting deviations from them
- Familiarity with working with APIs and coding to integrate data from different security controls
- Experience running PoCs for potential new security controls and determining their effectiveness
- Experience working with Security and Engineering teams to ensure that all critical signals are available for analysis
- Broad familiarity with security operations topics that affect detection and response functions, including identity and access, auditing and alerting, automation and orchestration, and threat hunting
- Experience building tooling around security controls and investigations
- Experience with the risks associated with financial technology companies
Perks/benefits: Health care Team events
Regions: Remote/Anywhere, North America
Country: Canada