Security Monitoring and Incident Response Engineer Segment.Com
San Francisco, CA

Job Description

Overview

At Segment, we believe companies should be able to send their data wherever they want, whenever they want, with no fuss. Unfortunately, most product managers, analysts, and marketers spend too much time searching for the data they need, while engineers are stuck integrating the tools they want to use. Segment standardizes and streamlines data infrastructure with a single platform that collects, unifies, and sends data to hundreds of business tools with the flip of a switch. That way, our customers can focus on building amazing products and personalized messages for their customers, letting us take care of the complexities of processing their customer data reliably at scale. We're in the running to power the entire customer data ecosystem, and we need the best people to take the market.

The Segment Security team is growing fast to protect our systems, customers, and data all over the world. Security is acknowledged as both a bedrock discipline and a market differentiator by all Segment groups: from our board and founders to our individual contributors. As a Security Engineer at Segment, you will work with a talented team of security professionals, ones who are well-known for creativity and innovation in solving customer-trust issues.

Who we are:

We're a small team with a passion for startup security, which means we are always thinking of newer and better ways to tackle hard security problems. We take on ambitious projects that have a big impact on our customers and the security of our company. We talk about our methods and accomplishments in public blogs, at conferences, and in presentations. If you want to be this kind of security person and work with a team that's like you to create innovative security solutions for distributed systems and architecture, we'd love to hear about your approach and introduce you to our team.

A little more about our team:

* Our contributions to the the OWASP ZAP Project
* Our Head of Security's Approach to Building a Security Team and Program
* We deleted every employees' AWS keys!
* We help organize the OWASP SF chapter, the AppSec California, B-Sides SF, and Day of Shecurity conferences
* Our Data Protection Officer speaking on privacy and data security topics

What we do:

* We protect the company, its applications, servers, and its users.
* We build systems and processes to make it easier for our employees to do their job in a secure way.
* We enjoy hearing from our bug-bounty researchers (still private, for now) and fixing the flaws they identify.
* We collect, analyze, and respond to what we find in our logs.
* We love sharing our knowledge (see our blog posts and conference talks!) (Ex: https://segment.com/blog/secure-access-to-100-aws-accounts/ and https://appseccalifornia2018.sched.com/speaker/coleen_coolidge.1xem12h6)
* We love open source: https://open.segment.com

Who we are looking for:

* You run towards the fires of security incidents, you want to find out what happened and how and get those problems fixed.
* You're focused on great monitoring for an environment, and turning the large sea of data into actionable alerts that help the Incident Response process.
* You hate repetition, automation is a friend that aids you in focusing on important items.
* You know that in any monitoring data, there's a 'bad' story to find and share.
* You're empathetic, patient, and love to help your teammates grow.
* You're focused, driven, and can get challenging projects across the finish line.

Projects We're Working On:

* Automating incident response and vulnerability management workflows.
* Building our detection abilities via system monitoring and log analysis.
* Guiding the company as it targets ISO compliance and certification.
* Previously - Created an easy way to manage AWS accounts and our engineers' access.

Requirements:

* You have 2+ years of engineering experience in a cloud-production environment. You have working knowledge of service-oriented architectures and software development, as well as experience with different logging tools fit for a cloud environment.
* You've previously held a SIRT role (monitoring, IR, or both) in a professional environment and you're a capable security subject-matter expert on internal security issues.
* You have done monitoring and/or response for cloud data centers and container technology, (bonus if you've touched AWS, GCP, and Docker).
* You've implemented and maintained infrastructure, perhaps intelligence tracking systems, to support an Incident Response team and their 24x7 availability requirements.
* You subscribe to the hunter style of incident response, have found signs of attackers, and turned your methods into alerts in case they came back.
* You are excited to work across the stack on a variety of different security challenges and initiatives.

Bonus:

* You have a degree in Computer Science or related field

Segment is an equal opportunity employer. We believe that everyone should receive equal consideration and treatment. Recruitment, hiring, placements, transfers, and promotions will happen based on qualifications for the positions being filled regardless of sex, gender identity, race, religious creed, color, national origin ancestry, age, physical disability, pregnancy, mental disability, or medical condition.