Security Engineer, Detection and Response
Snap Inc. is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together. The Company’s three core products are Snapchat, a visual messaging app that enhances your relationships with friends, family, and the world; Lens Studio, an augmented reality platform that powers AR across Snapchat and other services; and its AR glasses, Spectacles.
We’re looking for a Security Engineer to join our Detection and Response (D&R) team! As a member of the D&R Threat Detection team, you will build and understand threat models which pose an imminent threat to our platform and business, invest in research and development to collect new data sources, improve our threat intelligence, and drive efforts to achieve holistic threat detection. Working from our West Coast (US), Switzerland, or Australia offices, you’ll collaborate with engineers across many disciplines to operationalize the identification and eradication of threats across our production environments, corporate infrastructure, and internal tooling.
What you’ll do:
Design, pilot, and implement logging and alerting systems to detect malicious activity on Snap Inc.'s endpoints, infrastructure, networks, and cloud environments
Build tools and devise automation strategies to improve Snap Inc.’s ability to hunt threats and respond to intrusions
Investigate events generated by the alerting pipeline and triage potential incidents
Work closely with multiple Snap Inc. teams during incidents and drive response efforts
Identify, analyze, fingerprint and build threat intelligence on trends and developments in adversary tactics, techniques, and procedures (TTPs) for sophisticated threat actors spanning APTs and cybercrime
Knowledge, Skills & Abilities:
Proven experience in one or more of the following detection and response areas: digital forensics, malware analysis, incident management, host/network intrusion detection, threat intelligence
Strong development skills in Python and/or Go
Advanced knowledge of operating system internals, and a core competency in two or more of the following: macOS, Windows, Linux, Kubernetes, Amazon Web Services, and Google Cloud Platform
Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
3+ years of experience in the field of security monitoring or a related security role
Demonstrated knowledge in threat hunting and developing logic to automate threat detection and incident response
Familiarity with cloud-based services and infrastructure (Google Cloud, Workspace, AWS, etc.)
Excellent verbal and written communication skills, with high attention to detail
Practical experience in a BeyondCorp model
Work record of collaborating with internal and external stakeholders at all levels of a company
"Default Together" Policy at Snap:
At Snap we believe that being together in person helps us build our culture faster, reinforce our values, and serve our community, customers and partners better through dynamic collaboration. To reflect this, we practice a “default together” approach and expect our team members to work in an office at least 80% of the time (an average of 4 days per week). Our policy may change from time to time.
If you are not based in the same location(s) listed for this role and are open to relocation, we encourage you to apply to take advantage of our generous relocation policy.
Our Benefits: Snap Inc. is its own community, so we’ve got your back! We do our best to make sure you and your loved ones have everything you need to be happy and healthy, on your own terms. Our benefits are built around your needs and include paid maternity & paternity leave, comprehensive medical coverage, emotional and mental health support programs, and compensation packages that let you share in Snap’s long-term success!