Job Directory Segment Security Monitoring and Incident Response Manager

Security Monitoring and Incident Response Manager Segment
San Francisco, CA

Segment is a company that develops a platform for collecting customer data.

Companies like Segment
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About Segment

Job Description


At Segment, we believe companies should be able to send their data wherever they want, whenever they want, with no fuss. Unfortunately, most product managers, analysts, and marketers spend too much time searching for the data they need, while engineers are stuck integrating the tools they want to use. Segment standardizes and streamlines data infrastructure with a single platform that collects, unifies, and sends data to hundreds of business tools with the flip of a switch. That way, our customers can focus on building amazing products and personalized messages for their customers, letting us take care of the complexities of processing their customer data reliably at scale. We're in the running to power the entire customer data ecosystem.

All this data makes us a high-value target. We need effective and lightweight security monitoring, response and vulnerability detection to help us prevent, detect and correct issues with our product and infrastructure. This is a top-tier business problem that you as the SIRT leader at Segment could dig into right away. Security is the most important thing happening in engineering and will always have high internal visibility to company leadership.

Who we are:

We're a small team of experienced security engineers with diverse technical and non-technical backgrounds. We're a passionate group of individuals who enjoy challenging traditional, prescriptive security techniques of the past and adapting or creating them to work with Segment's modern development technologies and practices. We talk about our methods and accomplishments in public blogs, at conferences, and in presentations. If you want to be this kind of security person and work with a team that's like you to develop innovative SIRT solutions for distributed systems and architecture, we'd love to hear about your approach and introduce you to our team.

A little more about our team:

* We showcased the importance of making security tooling more usable by demoing our OWASP ZAP contributions at Appsec USA
* We discussed our overall approach to our security engineering program at LASCON
* Our Head of Security's Approach to Building a Security Team and Program
* We deleted every employees' AWS keys!
* We help organize the OWASP SF chapter, the AppSec California, B-Sides SF, and Day of Shecurity conferences

What we do:

* We write software to monitor and correct our security posture in AWS and GCP
* We work with other engineering teams to secure their infrastructure
* We evangelize and reward good security behavior and hygiene throughout the company
* We're proud of the code we write, and believe we can build automation to enable our engineers to be secure and remain productive.


* Work directly with the senior leadership team to set strategy and priorities on security monitoring, incident response and vulnerability management
* Regularly report on the effectiveness of your program and make adjustments when things aren't working as planned
* Create and execute a detailed SIRT roadmap, which maps to our overall security roadmap: what we are monitoring and why; how we consistently and reliably respond to events and incidents; how we are quickly uncovering meaningful vulnerabilities; how we improve our SIRT processes year over year
* Hunt for threats in the environment with the team, as well as prepare for attack scenarios with the teams
* Keep incident documentation and runbooks updated, covering the full incident lifecycle, which are reliably executed by the team and you
* Work with engineering teams to ensure systems are well-prepared for incident-response activities (with proper logging, red-team exercises, etc.)
* Lead security incidents as the Incident Commander: take over the communications, direct the work, investigate as needed, and then lead post-mortems and assign betterments
* Continue building SIRT, developing engineers' careers, as well as being your own IC when your team is small; recruit new team members; train and promote existing team members for success


* You have 5+ years of engineering experience in a cloud-production environment and you have working knowledge of service-oriented architectures and software development, as well as experience with different logging tools fit for a cloud environment
* You've previously held a senior SIRT role in a professional environment and you're capable of being a security subject matter expert on internal security issues
* You are excited to work across the stack on a variety of different security challenges and initiatives
* You are very comfortable in AWS/containerized environments. You are comfortable with Golang.

Segment is an equal opportunity employer. We believe that everyone should receive equal consideration and treatment in all terms and conditions of employment regardless of sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, race, color, religion, creed, national origin, ancestry, age (over 40), physical disability, mental disability, medical condition, genetic information, marital status, domestic partner status, military or veteran status, height, weight, AIDS/HIV status, and any other protected category under federal, state or local law. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

About Segment

Segment is a company that develops a platform for collecting customer data.

571 employees

100 California St #700, San Francisco

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.