Senior Security Engineer - Detection and ResponseAbout Rippling Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.
By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes.
We're looking for a hands-on senior security engineer to play a key role in Rippling's security program. As a member of Rippling's security team you will automate day-to-day DART tasks, collect data to report on the success of our protective controls, and write new detection logic.
What you will do Develop and run tools to gather security telemetry data from cloud production systemsAutomate workflows and improve identification and response time for security eventsBuild and optimize detection rulesRespond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently to stakeholdersContribute to improving processes, procedures, and technologies used for detection and responseDrive development and improvements in Security Incident and Event Management, Case Management, and Automation.Develop runbooks and incident playbooks for new and existing detectionsLead Threat hunting practices, suggest product and infrastructure signals to surface attacks and incorporate findings into security controlsWhat you will need 4+ years of full-time experience as a security engineer, including security monitoring, incident response, and threat huntingPrior experience leading complex investigations with a large number of stakeholdersPractical understanding of common attacks and how they work.Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principlesHands-on experience with data analysis, modeling, and correlation at scaleOperating systems internals and forensics experience for macOS, Windows & LinuxDomain experience managing and working with current SIEM and SOAR platformsExperience developing tools and automation using common DevOps toolsets and programming languagesUnderstanding of malware functionality and persistence mechanismsAbility to analyze endpoint, network, and application logs for anomalous eventsAdditional Information Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics.
#J-18808-Ljbffr