Sr. Security Engineer

Company Description

The Detection & Response Team focuses on identifying and responding to security incidents targeting Twitter. Our primary mission is to help protect Twitter’s customers, its employees and the company's data. We accomplish this by identifying and responding to unusual or malicious information security threats and performing investigations into computer security incidents.

The Position

What You’ll Do

You'll join a team of talented individuals focused on identifying and responding to security and privacy incidents impacting Twitter, its customers, and employees. You’ll be responsible for investigating, validating, classifying, and responding to security and privacy events. When performing investigations you will help us answer "what happened", "why did it happen", "what was the impact", and "how do we remediate". During investigations, you will have the opportunity to hone your investigative skills by performing forensic data analysis for a wide range of security events. You will be responsible for keeping detailed timelines and thorough documentation of incidents. When responding to an incident you will lead a cross-functional group of security and privacy professionals, engineers, lawyers, and more to remediate the issue.  You will also design new and improve processes and procedures to improve incident handling and streamline security event processing.

Who You Are

You have experience in investigating and responding to security incidents. You're an advocate for the security and privacy of users and their data. When faced with ambiguity you aren't intimidated and you seek answers through peers, documentation, experts, experimentation, and more. You are detailed in your documentation of events and comfortable communicating time-sensitive and relevant information to audiences with a wide range of technical knowledge. You love learning from and engaging with peers, researchers, and other experts in the security community. You aren't satisfied with the status quo; you look for opportunities to simplify, automate, and improve.

Qualifications

  • Experience performing computer security incident detection & response activities

  • Knowledge and understanding of malware, attacker tactics, techniques, and procedures. 

  • Knowledge of common application/system vulnerabilities, threat actors and mitigations.

  • Experience with using forensic analysis tools in an incident response context

  • Knowledge of at least two of these security topics: malware analysis, software vulnerabilities, cryptography, web application security, identity and access management, network security, operating system hardening, data forensics

  • Systems administration experience in Linux, Windows and/or macOS is a plus.

  • Experience with cloud deployment environments such as GCP or AWS.

  • Experience with SQL and large datasets, specifically for security investigations

  • Experience communicating security concerns and issues to non-technical audiences.

  • Flexibility to participate in a 24/7 on-call rotation

 

Additional Information

All your information will be kept confidential according to EEO guidelines.

The applicable salary range for each U.S.-based role is based on where the employee works and is aligned to one of 4 tiers according to a cost of labor index in that geographic area. Starting pay for the successful applicant will depend on a variety of job-related factors, which may include education, training, experience, location, business needs, or market demands. The expected salary ranges for this role, are set forth below. These ranges may be modified in the future.

  • Tier A: USD $162,000 - USD $226,000
  • Tier B: USD $154,000 - USD $216,000
  • Tier C: USD $146,000 - USD $204,000
  • Tier D: USD $138,000 - USD $193,000

You can view which tier applies to where you plan to work here and is updated for any future jurisdiction which requires publication of the salary range on the job posting. If your location is not listed, please speak with your recruiter for additional information.

This job is also eligible for participation in Twitter’s Performance Bonus Plan and Equity Incentive Plan subject to the terms of the applicable plans and policies.

Twitter offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, sick time, and parental leave. Twitter’s benefits prioritize employee wellness and progressive support to our diverse workforce.

Location

Remote US, San Francisco, New York City, Seattle, Boulder

 

Application

U.S. Equal Employment Opportunity information (Completion is voluntary)
Non U.S. Equal Employment Opportunity information (Completion is voluntary)
Privacy and data