Ref#: R0023612

Our mission.

As the world’s number 1 job site, our mission is to help people get jobs. We need talented, passionate people working together to make this happen. We are looking to grow our teams with people who share our energy and enthusiasm for creating the best experience for job seekers.

The team.

We are builders, we are integrators. Tech Services creates and optimizes solutions for a rapidly growing business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don’t have to wait for some architect or manager to tell you what you can work on - you decide the priorities. With tech hubs in Seattle, San Francisco, Austin, Tokyo and Hyderabad, we are improving people's lives all around the world, one job at a time.

The base salary range below represents the low and high end of the Indeed salary range for this position. Actual salaries will vary and may be above or below the range based on various factors including but not limited to location, experience, and performance. The range listed is just one component of Indeed's total compensation package for employees. Other rewards may include quarterly bonuses, Long Term Incentives, an open Paid Time Off policy, and many region-specific benefits. 

Tokyo Base Salary Range: 8,070,000 - 9,930,000 JPY per year

Your job.

Indeed is seeking an experienced Security Incident Response Engineer who is passionate about Indeed Security’s mission to empower Indeedians to Help People Get Jobs. In your job you will interact with stakeholders across several teams: Development, Quality Assurance, IT, Operations, and Product Management. A candidate successful starting off in this role is expected to demonstrate knowledge in one or more security domains to respond to incidents, work on building tools to improve incident response work, and participate in team process improvements. 

What you will do:

  • Perform the basics

    • Actively participate in daily, and weekly team and individual meetings. 

    • Review and work on the team incident backlog with an eye on team KPIs

    • Follow the Security Incident Response Plan to analyze, triage, and coordinate response to potential security incidents

    • Seek help from more experienced team members when faced with challenges

    • Identify malicious or anomalous activity based on event data from various sources, including network, endpoint, application, and other security tooling

    • Operate as a trusted member of the Indeed Incident Response team and demonstrate good judgement when making changes or directing actions that could impact the ability for the business to function normally

    • Coordinate incident response activities within and amongst teams

    • Maintain detailed and accurate documentation of incidents in their life-cycle 

    • Ensure follow up of post-incident work to avoid recurrence of incidents

    • Ensure proper daily hand-offs of tickets to team-mates in other sites

    • Are available during non-business hours for security emergencies.

    • Participate in simulations, tabletop exercises as directed.

  • Seek opportunities to improve Incident Response

    • Suggest and implement team process improvements 

    • Build tools to automate individual and team tasks with playbooks and runbooks

    • Use data via dashboards and statistical analysis  to guide your decisions

  • Share what you do

    • Contribute to team updates in Security group meetings

    • Deliver tech talks to other Indeed groups occasionally

    • Participate in Security awareness campaigns and other Security events within Indeed

About you.

You will be successful in this role if you:

  • Possess deep knowledge of several common attack methods (malware, web application, social engineering, etc)

  • Are detail oriented, but begin to step back to identify correlations between events and activities that may not seem related

  • Work collaboratively within your team, partners, and across time zones

  • Work naturally with technical and non-technical partners during the resolution of incidents

  • Take pride in getting things done

  • Look for opportunities to leverage technology to automate incident analysis and response work 

  • You begin to develop an intermediate level of knowledge in several of these areas: Data analysis, SIEMs and SOARs, Detection Engineering, Operating Systems (Windows, Mac, or Linux), Networking, Computer Forensics, Web Applications, Software Development, Identity and Access Management, or Cloud Computing

  • Eager to participate in outreach efforts, including technical talks, blog posts, fielding questions from outside the team

  • Stay up-to-date with trends in the information security community including new vulnerabilities, attacks methods, incident response frameworks/methodologies, and products.

  • Demonstrate critical thinking and problem solving skills related to technology

  • Are enthusiastic to learn and adopt new technologies and processes


  • Either 

    • Bachelors of Science degree in Computer Science, Engineering, Computer Security, Information Systems;, or 

    • 2+ years work experience in Incident Response without one of the above degrees

    • 2+ total years of System or Network Administration experience looking to enter the IT Security Domain 

  • Implementation/support of security monitoring devices/applications

  • Knowledge of attack methodologies (malware, web application, social engineering, etc). 

  • Knowledge of open source tools and environments (such Snort, Suricata). Experience would be great  

  • Some hands-on experience with tools and appliances such as Nessus, IPS/IDS, Kali Linux, Palo Alto, Cisco ASA, and SIEM/SOAR tools

  • Automation and scripting experience with any of Python, Shell scripting, Javascript, Golang, Java etc

  • Basic understanding of developer best practices with a version control system (Git/Github etc)

Nice to have:

  • You have developed software projects that you can share with us in this domain. Show off your repo(s) and/or blogs

  • Any of these accredited certifications : GCIH (Certified Incident Handler), GCIA (Certified Intrusion Analyst), OSCP (Offensive Security CertifiedProfessional), CCNA (Cisco Certified Network Associate), AWS or GCP Security certifications

  • Experience implementing/using tactics from ATT&CK and similar IR frameworks 

Indeed provides a variety of benefits that help us focus on our mission of helping people get jobs.

View our bounty of perks:  

View Indeed's Applicant Privacy Terms:

EEO and Accommodations

Indeed is deeply committed to creating a workplace and global community where inclusion is not only valued, but prioritized. We’re proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, gender identity or expression, family status, marital status, sexual orientation, national origin, genetics, neurodiversity, disability, age, or any other non-merit based or legally protected grounds.


Indeed is committed to providing reasonable accommodations to qualified individuals with disabilities in the employment application process. To request an accommodation, please contact Talent Attraction Help at +81 3 4563 2563, or by email at at least one week in advance of your interview.