Security Engineer

Job Description

The Security Engineer on the Enterprise Security team is responsible for protecting Grammarly's infrastructure, including the corporate environment within which all our employees do their work and our cloud infrastructure within which all our product offerings and services run

This role on the Enterprise Security team will be specific to our detection and response function

Perform forensics and lead response when security incidents occur, including triaging security alerts, taking the relevant mitigation steps, and engaging directly with internal stakeholders

Tune our alerting rules to reduce false positives and improve our signal-to-noise ratio

Participate in our teams on-call incident response rotation

Streamline our security operations through automation - authoring runbooks, writing code, and building SOAR capabilities

Burn down the detection backlog to improve our detection coverage and accuracy

Assist with defining, creating, and maintaining SIEM detection rules and dashboards

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ~~~ .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: ~~~/ .

Skills and Requirements

3+ years of experience in a Security Operations Center (SOC) or technical support experience

3+ years of hands-on administration experience with Linux, Mac, and Windows systems

Has skills in any of the following security assurance areas: penetration testing, code review, and threat modeling

Has working experience with cloud security concepts, including AWS and/or other public cloud technologies

Is familiar with the following technologies and frameworks: EDR, SIEM, SOAR, MITRE Att&ck, cyber kill chain

Is familiar with programming languages for automation purposes, such as Python, Java, or Go

Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations

Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks

Has strong communication skills, with the ability to explain complex security issues in understandable terms

Nurtures the talent in the team and raises the technical talent bar when recruiting for their team Malware reverse engineering

Product Security (PSIRT) experience, including triaging the impact of software vulnerabilities null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ~~~.