Our mission. As the world’s number 1 job site, our mission is to help people get jobs. We need talented, passionate people working together to make this happen. We are looking to grow our teams with people who share our energy and enthusiasm for creating the best experience for job seekers.
The team. We are builders, we are integrators. Tech Services creates and optimizes solutions for a rapidly growing business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don’t have to wait for some architect or manager to tell you what you can work on - you decide the priorities. With tech hubs in Seattle, San Francisco, Austin, Tokyo and Hyderabad, we are improving people's lives all around the world, one job at a time.
In your job you will interact with stakeholders across several teams: Development, Quality Assurance, IT, Operations, and Product Management. A candidate successful in this role is expected to demonstrate proficiency in several domains relevant to incident response and should look forward to developing in other areas as well.
Actively participate in daily and weekly team and individual meetings
Review and work on the team incident backlog with an eye on team KPIs
Follow the Security Incident Response Plan to analyze, triage, and coordinate response to potential security incidents
Identify malicious or anomalous activity based on event data from various sources, including network, endpoint, application, and other security tooling
Operate as a trusted member of the Indeed Incident Response team, including showing good judgment when making changes or directing actions that could impact the ability for the business to function normally
Coordinate incident response activities within and amongst teams
Maintain detailed and accurate documentation of incidents.
Ensure follow up of post-incident work to avoid recurrence of an incident
Maintain up-to-date documentation of incidents.
Ensure proper daily hand-offs of tickets to team-mates in other sites
Are available during non-business hours for security emergencies.
Participate in simulations and tabletop exercises as directed.
Seek opportunities to improve Incident Response
Recommend and implement team process improvements
Build tools to automate team tasks with playbooks and runbooks
Build detection and alerting infrastructure improvements via statistical analysis
Share what you do
Deliver updates in Security group meetings as required
Deliver tech talks to other Indeed groups
Participate in Security awareness campaigns within Indeed
You will be successful in this role if you:
Possess deep knowledge of common attack methods (malware, web application, social engineering, etc)
Pay attention to detail, via methodical workflows, to identify correlations between events and activities that may not seem related
Work collaboratively, across teams and time zones, to identify the root cause of security incidents and facilitate their resolution with other technical and non-technical teams
Take pride in getting things done
Look for opportunities to leverage technology to automate tedious work and improve event detection accuracy
Are passionate about growing and leveraging your technical skills for Incident Response work in several of these areas: Operating Systems (Windows, Mac, or Linux), Networking, Computer Forensics, Web Applications, Software Development, Identity and Access Management, or Cloud Computing
Are eager to participate in outreach efforts, including technical talks, blog posts, and fielding questions from outside the team
Stay up-to-date with trends in the information security community including new vulnerabilities, attack methods, incident detection and frameworks/methodologies, and products.
Demonstrate critical thinking and problem-solving skills related to technology
Are enthusiastic to learn and adopt new technologies and processes
Bachelor of Science degree in Computer Science, Engineering, Computer Security, Information Systems; and 3+ years of experience in Incident Response
OR 5+ years work experience in Incident Response without one of the above degrees
Previous System or Network Administration experience is a plus
Implementation/support of security monitoring devices/applications
Demonstrated knowledge of attack methodology (malware, web application, social engineering, etc).
Experience with open source technologies and environments (including, but not limited to, Snort, Suricata)
Experience with tools and appliances such as Nessus, IPS/IDS, Kali Linux, Palo Alto, Cisco ASA, and SIEM/SOAR tools.
Basic understanding of Developer Best Practices expected from an enterprise version control environment (Git/Github etc)
Nice to have:
You have developed software projects that you can share with us in this domain. Show off your repo(s) and/or blogs.
Any of these accredited certifications: GCIH (Certified Incident Handler), GCIA (Certified Intrusion Analyst), OSCP (Offensive Security Certified Professional), CCNA (Cisco Certified Network Associate)
Experience implementing/using tactics from ATT&CK and similar IR frameworks
Indeed provides a variety of benefits that help us focus on our mission of helping people get jobs.
View our bounty of perks: http://indeedhi.re/IndeedBenefits
View Indeed's Applicant Privacy Terms: https://www.indeed.com/legal/applicant-privacy
EEO and Accommodations
Indeed is deeply committed to building a workplace and global community where inclusion is not only valued, but prioritized. We’re proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, family status, marital status, sexual orientation, national origin, genetics, neuro-diversity, disability, age, or veteran status, or any other non-merit based or legally protected grounds.
Indeed is committed to providing reasonable accommodations to qualified individuals with disabilities in the employment application process. To request an accommodation, please contact Talent Attraction Help at 1-855-567-7767, or by email at TAhelp@indeed.com at least one week in advance of your interview.
Indeed is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.