Staff Security Engineer Threat Detection and Response
India · Hybrid Full-time Lead Today
About the role
Responsibilities:
- Own individual security solutions throughout their lifecycle, including design, development, and deployment, in order to continuously improve Gemini’s ability to detect and respond to advanced, targeted threats
- Develop and improve processes and tools that support the team in rapidly iterating on and responding to threats Gemini faces
- Lead incident response and investigation efforts
- Analyze technical threat data to extract TTPs, malware techniques, and adversary methods
- Create and enhance countermeasures and detections for malware, attacker techniques, threat actor methodology, and suspicious events associated with intelligence obtained by the Gemini Team
- Produce well-documented, resilient and maintainable code that supports the streamlining and automation of the above
- Provide mentorship and guidance to junior engineers on the team in their growth and implementation of the above
Minimum Qualifications:
- Broad and deep DFIR/Threat Detection and Response experience
- Scripting proficiency in a common programming language (e.g. Python, Go)
- Hands-on familiarity with CI/CD, infrastructure as code, and microservices
- Aptitude in the use of containerization technologies (e.g. Docker)
- Deep experience in the design and implementation of detection signatures spanning multiple security log sources (Splunk, EDR, etc.)
- Able to troubleshoot and debug issues, and demonstrate a methodical approach to root cause analysis
- Excellent oral and written communication skills, including the ability to interact effectively with leadership, engineers, vendors and peers
Skills
CI/CD, Docker, EDR, Go, Python, Splunk