Security Engineer - Detection & Response
Who We Are
The Detection & Response Team focuses on identifying and responding to security incidents targeting Twitter. Our primary mission is to help protect Twitter’s users, it’s employees and the company's data. We accomplish this by identifying unusual or malicious information security threats and performing investigations into computer security incidents.
What You’ll Do
You'll join a team of talented individuals focused on identifying and responding to security incidents targeting Twitter. You’ll be responsible for reviewing, validating, classifying, and responding to security events. This involves actively monitoring our systems for attacks and intrusions. When performing investigations into suspicious activity, your skills will help us to analyze events to figure out “what happened," document our findings, and determine the best course of remediation. This role will also involve designing and engineering tools to improve incident handling and streamline security event processing.
Who You Are
You have expertise in investigating and responding to security incidents. You will be familiar with building and maintaining security software. In addition, you have a proven knowledge of MacOs and Linux system internals. You've likely spent time analyzing malware, including studying its behavior and impact. You're an advocate for the security of users and their data. You love learning from and engaging with peers, researchers, and other authorities in the security community.
- 3+ years experience performing computer security incident detection & response activities
- Knowledge and understanding of malware reverse engineering including code or behavior analysis
- Knowledge of common application/system vulnerabilities, threat actors and mitigations
- Software development experience with either Python or Go.
- Systems administration experience in Linux. Windows or OSX administration experience is a plus.
- Knowledge of at least two of the these security topics: malware analysis, software vulnerabilities, cryptography, web application security, identity and access management, network security, operating system hardening.
- Experience with configuration management tools such as puppet, ansible, or chef.
- Experience with cloud deployment environments such as GCP or AWS.
- Experience communicating security concerns and issues to non-technical audiences.
- Flexibility to participate in on-call rotation
** Position available to sit in Boulder, CO - Seattle, WA or San Francisco, CA Twitter office.
We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Engineering Hiring Process
Once your application is received, a recruiter will reach out pending your qualifications are a match for the role.
If your background is a match, you may have 1-2 technical phone interviews or be given the chance to provide a work sample depending on the role.
If the phone interviews go well or your work sample is strong, the final step includes interviews with 5-6 people held onsite in our office.
We're the People Team @Twitter. We're hiring service, purpose-driven people who are creative and move fast. #LoveWhereYouWork #JoinTheFlock
We're your one stop shop for anything University related. That means campus outreach, student advice/tips, & of course, our University Recruiting efforts!