Ref#: R0023607

Our mission.

As the world’s number 1 job site, our mission is to help people get jobs. We need talented, passionate people working together to make this happen. We are looking to grow our teams with people who share our energy and enthusiasm for creating the best experience for job seekers.

The team.

We are builders, we are integrators. Tech Services creates and optimizes solutions for a rapidly growing business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don’t have to wait for some architect or manager to tell you what you can work on - you decide the priorities. With tech hubs in Seattle, San Francisco, Austin, Tokyo and Hyderabad, we are improving people's lives all around the world, one job at a time.
The base salary range below represents the low and high end of the Indeed salary range for this position. Actual salaries will vary and may be above or below the range based on various factors including but not limited to location, experience, and performance. The range listed is just one component of Indeed's total compensation package for employees. Other rewards may include quarterly bonuses, Long Term Incentive Plan units, an open Paid Time Off policy, and many region-specific benefits. 

Austin Base Salary Range: 98,000 - 120,000 USD per year

Your job.

In your job you will interact with stakeholders across several teams: Development, Quality Assurance, IT, Operations, and Product Management. A candidate successful in this role is expected to demonstrate proficiency in several domains relevant to incident response and should look forward to developing in other areas as well. 


  • The basics

    • Actively participate in daily, and weekly team and individual meetings

    • Review and work on the team incident backlog with an eye on team KPIs

    • Follow the Security Incident Response Plan to analyze, triage, and coordinate response to potential security incidents 

    • Identify malicious or anomalous activity based on event data from various sources, including network, endpoint, application, and other security tooling

    • Operate as a trusted member of the Indeed Incident Response team, including showing good judgment when making changes or directing actions that could impact the ability for the business to function normally

    • Coordinate incident response activities within and amongst teams

    • Maintain detailed and accurate documentation of incidents. 

    • Ensure follow up of post-incident work to avoid recurrence of an incident

    • Maintain up-to-date documentation of incidents.

    • Ensure proper daily hand-offs of tickets to team-mates in other sites

    • Are available during non-business hours for security emergencies.

    • Participate in simulations, tabletop exercises as directed.

  • Seek opportunities to improve Incident Response

    • Recommend and implement team process improvements

    • Build tools to automate team tasks with playbooks and runbooks

    • Build detection and alerting infrastructure improvements via statistical analysis

  • Share what you do

    • Deliver updates in Security group meetings as required

    • Deliver tech talks to other Indeed groups

    • Participate in Security awareness campaigns within Indeed

About you.

You will be successful in this role if you:

  • Possess deep knowledge of common attack methods (malware, web application, social engineering, etc)

  • Pay attention to detail, via methodical workflows, to identify correlations between events and activities that may not seem related

  • Work collaboratively, across teams and time zones, to identify the root cause of security incidents and facilitate their resolution with other technical and non-technical teams

  • Take pride in getting things done

  • Look for opportunities to leverage technology to automate tedious work and improve event detection accuracy

  • Are passionate about growing and leveraging your technical skills for Incident Response work in several of these areas: Operating Systems (Windows, Mac, or Linux), Networking, Computer Forensics, Web Applications, Software Development, Identity, and Access Management, or Cloud Computing

  • Eager to participate in outreach efforts, including technical talks, blog posts, fielding questions from outside the team

  • Stay up-to-date with trends in the information security community including new vulnerabilities, attack methods, incident detection and frameworks/methodologies, and products.

  • Demonstrate critical thinking and problem-solving skills related to technology

  • Are enthusiastic to learn and adopt new technologies and processes


Requirements:


  • Either 

    • Bachelors of Science degree in Computer Science, Engineering, Computer Security, Information Systems; and 3+ years of experience in Incident Response

    • OR 5+ years work experience in Incident Response without one of the above degrees

  • Previous System or Network Administration experience is a plus

  • Implementation/support of security monitoring devices/applications

  • Demonstrated knowledge of attack methodology (malware, web application, social engineering, etc). 

  • Experience with open source technologies and environments (including, but not limited to, Snort, Suricata)  

  • Experience with tools and appliances such as Nessus, IPS/IDS, Kali Linux, Palo Alto, Cisco ASA, and SIEM/SOAR tools.

  • Automation and scripting experience with one or more of Python, Java, Javascript, Golang, Bash, etc

  • Basic understanding of Developer Best Practices expected from an enterprise version control environment (Git/Github etc)


Nice to have:

  1. You have developed software projects that you can share with us in this domain. Show off your repo(s) and/or blogs.

  2. Any of these accredited certifications: GCIH (Certified Incident Handler), GCIA (Certified Intrusion Analyst), OSCP (Offensive Security CertifiedProfessional), CCNA (Cisco Certified Network Associate)

  3. Experience implementing/using tactics from ATT&CK and similar IR frameworks 



Indeed provides a variety of benefits that help us focus on our mission of helping people get jobs.

View our bounty of perks: http://indeedhi.re/IndeedBenefits  


View Indeed's Applicant Privacy Terms: https://www.indeed.com/legal/applicant-privacy

EEO and Accommodations 

 

Indeed is deeply committed to building a workplace and global community where inclusion is not only valued, but prioritized. We’re proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, family status, marital status, sexual orientation, national origin, genetics, neuro-diversity, disability, age, or veteran status, or any other non-merit based or legally protected grounds.

 

Indeed is committed to providing reasonable accommodations to qualified individuals with disabilities in the employment application process. To request an accommodation, please contact Talent Attraction Help at 1-855-567-7767, or by email at TAhelp@indeed.com at least one week in advance of your interview.