Senior Security Engineer, Incident Response Fitbit
San Francisco, CA

Job Description

At Fitbit, our mission is to help people lead healthier, more active lives by empowering them with data, inspiration and guidance to reach their goals.

We started our journey in 2007-as a team of two with one big idea. Since then, we've grown to over 1,500 employees, sold over 60mm devices, and built a health and fitness community across the globe. In fact, the Fitbit Community has taken enough steps to walk from the Sun to Pluto! Offering award-winning products, a top-rated mobile app and an easy-to-use online dashboard, Fitbit provides personalized experiences that help our users reach their goals. With a reenergized focus on innovative devices, interactive experiences, and enterprise health we are transforming the way consumers and businesses see health & fitness.

From your first steps as a Fitbitter, you will be at the forefront of developing new products. Our culture combines the spirit of startup with the perks of being public. We offer a competitive benefits package and amazing perks like unlimited snacks, Friday happy hours, onsite workout classes, and a strong focus on a healthy work-life balance. As part of our team, you'll have the opportunity to grow your career, contribute your ideas to life-changing products and services, and-above all-have fun doing it.

Fitbit's HQ campus is located in the heart of San Francisco with office locations in Boston, San Diego and around the world. Think you've found your fit?

We are looking for an experienced Incident Response Engineer who has a depth of experience and will help expand our Detection and Response capabilities.

The Team

We have assembled a team of dedicated security professionals who are passionate about protecting Fitbit and growing themselves. We value:

* Collaboration over competition
* Improvement over perfection
* Pragmatism
* Direct feedback
* Continuous improvement

The Role

* Detection engineering
* Design methods for identifying malicious activity across our global infrastructure
* Master the core technologies found in our production and corporate environments
* Triage events generated by our detection infrastructure
* Hunt for signs of compromise across a range of platforms and environments
* Provide technical cross-training with other security engineers and IT admin partners
* Incident response
* Lead technical investigations into suspected incidents
* Identify, and help implement, improvements to our IR processes and procedures
* Be familiar with forensic artifacts from a range of operating systems and technologies
* Coordinate communication with internal and external stakeholders during incidents
* Participate in regular 'first line triage' duties and being primary security contact
* Visibility, auditing and automation
* Contribute to our efforts to automate detection of, and response to, malicious activity
* Master our SIEM and SOAR platforms
* Monitor log collection infrastructure to ensure its ability to detect and analyze threats
* Work with partners in IT and Engineering to improve log coverage and quality

Technical Requirements

To be successful at this role it will require a broad understanding of how companies like Fitbit use technology. Our tooling is focused not only on our corporate environment but also on Fitbit's customer-facing infrastructure.

We expect experience and familiarity with:

* Modern security technologies
* Endpoint Detection and Response tools (e.g. CarbonBlack, CrowdStrike)
* Email security tools and technologies
* Security Information and Event Managers (SIEMs; e.g. Splunk, ELK)
* Security orchestration, automation, & response (SOARs; e.g. Komand, Phantom)
* Cross-platform incident response
* Corporate endpoints (e.g. MacOS, Windows)
* Cloud services (e.g. GCP, AWS)
* Container and VM environments (e.g. Mesos, vSphere, Docker)
* Security-focused scripting and automation
* Python, Ruby, or Golang
* PowerShell

Fitbit is proud to be an equal opportunity employer. We recruit, hire, train, promote, pay, and administer all personnel actions without regard to race, color, ancestry, national origin, citizenship, religion, age, sex (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), sex stereotyping (including assumptions about a person's appearance or behavior, gender roles, gender expression, or gender identity), sexual orientation, gender, gender identity, gender expression, marital status, medical condition, mental or physical disability, military or veteran status, genetic information or other statuses protected by law. We interpret these protected statuses broadly to include both the actual status and any perceptions and assumptions made regarding these statuses.

San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance Fitbit will consider for employment qualified applicants with arrest and conviction records.