Security Engineer, Security Incident Detection & Response

At ASAPP, we are on a mission to build transformative machine learning-powered products that push the boundaries of artificial intelligence and customer experience. We focus on solving complex, data-rich problems — the kind where there are huge systemic inefficiencies and where a real solution will have a significant economic impact. Our CX interaction platform uses machine learning across both voice and digital engagement channels to augment and automate human work, radically increasing productivity and improving the efficiency and effectiveness of customer experience teams.
ASAPP is seeking a full-time Security Engineer to help build and strengthen our infrastructure and incident detection and response capabilities. You will work with fellow security engineers, and partner with the rest of the engineering organization to ensure we’re securing our application and cloud infrastructure, using cloud-native solutions. As a member of this team, you will be part of our growing security team, and have oversight and responsibility for different domains such as application security, infrastructure security, corporate security, and protection of sensitive data. You will actively participate in the buildout of our cloud security infrastructure and a variety of detection & response tools, leveraging ASAPP’s people and technology for maximum benefit, you will also have an active voice and participation in the design review of ASAPP systems in order to contribute to the health of our security culture.
As our operations keep growing we encourage applicants from all locations in Argentina and Uruguay to apply. 

What you’ll do

• Contribute to the definition and implementation of ASAPP’s security toolset
• Propose/implement/design and code automation processes where needed
• Own our detection-as-code infrastructure
• Build and maintain infrastructure security CI/CD pipelines
• Evolve our large scale log ingestion infrastructure
• Participate in the security incident detection and response process
• Interact and collaborate with different engineering teams
• Participate in on-call responsibilities along with your teammates

What you'll need

• Security experience (and a good common sense hat)
• Proven problem-solving, analytical, and investigative skills combined with the ability to develop creative solutions and navigate through ambiguity in a fast-paced, agile environment
• Knowledge of security frameworks (NIST, MITRE ATT&CK, CIS, OWASP, etc.)
• In-depth technical knowledge of infrastructure, containers, and applications
• Solid experience with SIEM and/or EDR/IDS/IPS technologies and log ingestion
• Production experience in cloud-native environments
• Python for scripting, pipeline, and incident response automation

What we’d like to see

• Experience with CI/CD tools such as GitlabCI & CircleCI
• Familiar with encryption and secrets management technologies (Hashicorp Vault, AWS KMS, symmetric and asymmetric encryption)
• Security forensics and revising malware experience
• Sandboxing malware experience
• Expertise in log aggregation and indexing at scale (Elasticsearch, Splunk)
• Familiar with analyzing and researching IOCs, correlating events, identifying malicious activity, and taking appropriate containment steps

Benefits

• Competitive compensation
• Stock options
• OSDE 410 for you and your family 
• Wellness perks
• Learning & development stipend 
• Mac equipment
• 3 weeks of vacation
• English lessons

ASAPP is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, or veteran status. If you have a disability and need assistance with our employment application process, please email us at careers@asapp.com to obtain assistance. #LI-SL1 #LI-Remote