M+E Technology Job Board

Senior Security Engineer, Detection and Response

Fastly

Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible — at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including Vimeo, Pinterest, The New York Times, and GitHub.

We’re building a more trustworthy Internet. Come join us.

As a Senior Security Engineer on our Detection and Response team, you will help detect and respond to threats for one of the biggest online platforms in the world that handles massive amounts of traffic at very low latency.

We are looking for a teammate with expertise in both security engineering and operations who values how the two complement each other. You will have the opportunity to build and integrate tooling and detections, as well as investigate threats and lead incidents. As part of the larger Security organization, we make risk-informed decisions and prioritize automations to help us scale. In this role, you will help design, build, and mature our detection and response program, enabling rapid detection and effective response to threats against Fastly.

What You’ll Do:

Develop detections and other analytics to identify threats across cloud, corporate, and edge environments
Partner closely with Engineering, Security Architecture, Risk Management, Compliance, and other teams to prioritize detections and delivery of other security initiatives
Triage and investigate security threats and lead security incidents
Research, evaluate, implement, and maintain a variety of custom and commercial security tools, such as Endpoint Detection and Response (EDR), anti-phishing, and Security Information and Event Monitoring (SIEM)
Develop strategies, frameworks, designs, automations, metrics, and processes to support the maturity of the Detection and Response program
Develop and maintain incident response playbooks and other detection and response documentation
Conduct threat hunts to discover unknown malicious activity across our environment
Participate in our on-call rotations
Mentor other team members and contribute to larger Security initiatives

What We’re Looking For:

At Fastly we value a diversity of voices. The following is not a laundry list, but to be effective in this role you should possess most of the following and an interest in learning more about the rest:

Experience using Splunk, including investigating threats, developing metrics and dashboards, normalizing data feeds, and integrating with other tools
Familiarity with attacker tactics, techniques, and procedures (TTPs) and with investigating advanced threats
Experience in evaluating, implementing, configuring, tuning, and maintaining Endpoint Detection and Response solutions
Experience with at least one major public cloud infrastructure, such as Amazon Web Services (AWS) or Google Cloud Platform (GCP)
Experience in effectively leading large and complex security incidents from detection to remediation
Familiarity with modern security frameworks and best practices, such as the MITRE ATT&CK framework and NIST CSF
Proficiency in one or more general purpose programming languages such as Python, Ruby, Go, or Rust
Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation

We’ll be super impressed if you have experience in any of these:

Developed “detections-as-code”
Conducted threat hunts
Published research on detection engineering or threat intelligence
Developed automations to improve security operations
Familiarity with content delivery networks (CDN), edge cloud platforms, or other Fastly products and services