Security Incident Response Engineer
Posted 1 month ago
We're looking for an experienced Security Incident Response Engineer to join the Core Security team at Zapier. Zapier’s on a mission to make everyone more productive at work. Over 3 million professionals already use Zapier to save more time, but there are millions more to reach.
Our next team member will need to apply their incident monitoring and management, log analysis, and malware triage skills to create monitoring and put alerts and SOPs (standard operating procedures) in place at Zapier. You will also be an Incident Handler as part of the Incident Response Group for any security-related incidents. Additionally, you will be responsible for interpreting, analyzing, and correlating multiple security events from a distributed and global environment to keep Zapier secured.
If you’re interested in launching your career at a fast-growing and profitable startup, then read on…
We know applying for and taking on a new job at any company requires a leap of faith. We want you to feel comfortable and excited to apply at Zapier. To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier. Hopefully, you'll take the leap of faith and apply.
- Our Commitment to Applicants
- Culture and Values at Zapier
- Zapier Guide to Remote Work
- Zapier Code of Conduct
- Diversity and Inclusivity at Zapier
Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
You’re a skilled Security Incident Response Engineer. You have 3+ years of experience working in security monitoring and incident response or security operations. You understand the tactics, techniques, and procedures of advanced attackers and how to monitor, detect, and alert on them. You are hands-on and have in-depth knowledge of security monitoring and incident response tools (SIEM, IDS, IPS, EDRs). You have also built or want to build your own incident response process.
You live and breathe the AWS security best practices.
You thrive on ownership over processes or tools. You are well organized and love to create clean, comprehensive, and easy-to-follow guidelines for others to use when you're not around. You tend to document everything that you do.
You are a skilled written communicator. Zapier is a 100% remote team and being able to communicate well is critical. Chat and video are our primary means of communication. You can communicate unfamiliar technical topics clearly and in an approachable way to both technical and non-technical staff, including senior management.
You’re creative and resourceful. You try as many angles as possible to secure positive press mentions for clients and companies. You keep an eye out for media, speaking, and award opportunities as they arise and keep up on industry trends. Automation is your go-to when solving problems.
You believe relationships are critical to success. You have relationships with business and tech media, you have experience working with customers or partners, and you’re able to build trust with cross-functional teams and external agencies quickly.
You’re solid at time management. You’ll juggle a variety of fast-moving communications projects, and as a part of a distributed team, you’ll be trusted to work with minimal supervision. As a part of a growing company, you have an opportunity to make a significant impact, and you’re keen to build processes that’ll make your job more efficient over time.
Things You Might Do
Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:
- Identify security issues and risks associated with security events and manage the incident response process.
- Participate in and lead the incident response and investigation process for identified and escalated security events.
- Thorough understanding of enterprise security controls in the cloud (AWS) infrastructure.
- Optimize and customize security-monitoring tools in order to improve detection.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Ability to automate solutions to repetitive problems/tasks using scripting languages such as Python.
- You will be a member of the Incident Response Group, which monitors the networks and hosts for security breaches and investigates a violation when one occurs.
- Prepare reports that document security investigations.
- Organize and participate in Red and Purple Team exercises.
- Research and blog internally and externally about the latest information security trends.
- Help plan and carry out an organization’s way of handling security.
- Develop security standards and best practices.
- Recommend security enhancements to management or staff.
- Help computer users when they need to install or learn about new security products and procedures.
- As a part of our All Hands Support initiative, help customers have the best possible experience with Zapier.
For the past eight years, Zapier has been helping people across the world automate the boring and tedious parts of their job. We do that by helping everyone connect the web applications they already use and love.
We believe that there are jobs a computer is best at doing and that there are jobs a human is best at doing. We want to empower businesses to create processes and systems that let computers do what they are best at doing and let humans do what they are best at doing.
We believe that with the right tools, you can have a big impact with less hassle.
We believe in small teams. Small teams are fast and nimble. Small teams mean less bureaucracy and less management and more getting things done.
We believe in a safe, welcoming, and inclusive environment. All teammates at Zapier agree to a code of conduct.
The Whole Package
We're currently hiring for the following locations:
- North America
- Competitive salary (we don't use remote as an excuse to pay less)
- Great healthcare + dental + vision coverage*
- Retirement plan with 4% company match*
- Profit sharing
- 2 annual company retreats to awesome places
- 14 weeks paid leave for new parents of biological or adopted children
- Pick your own equipment. We'll set you up with whatever Apple laptop + monitor combo you want plus any software you need.
- Unlimited vacation policy. Plus we require you to take at least 2 weeks off each year. We see most employees take 4-5 weeks off per year. This isn't a vague policy where unlimited vacation means no vacation.
- Work with awesome companies around the world. We partner with great software companies all over the world and you'll constantly get to interact with people from these great companies.
*While we take care of our international folks as best we can, currently, healthcare and retirement plans are only available to US-based employees.
How To Apply
We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate.
After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.
Optional: Share anonymously some demographic information about yourself to help us better track trends related to the backgrounds of candidates interested in working at Zapier in order for us to build a team that represents the users at Zapier and the broader world population.
Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people no matter their race, color, gender, sexual orientation, religion, national origin, physical or mental disability, or age. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.