Insider Threat, Security Engineer

at X
📍 Palo Alto, United States
📍 San Jose, United States
$127,000-297,000 per year
MIDDLE SENIOR
✅ On-site

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 3 System Administration @ 3 Grafana @ 3 Linux @ 3 Python @ 5 SQL @ 5 Networking @ 3 Jira @ 3 Splunk @ 3 macOS @ 3

Details

Are you prepared to join the X team and help build the ultimate real-time information-sharing app, revolutionizing how people connect? At X, we’re on a mission to become the trusted global digital public square, committed to protecting freedom of speech and building the future unlimited interactivity. Our goal is to empower every user to freely create and share ideas, fostering open public discourse without barriers. Join us in shaping this thrilling journey where your contribution will be invaluable to our success!

Responsibilities

  • Improve our capabilities to effectively detect and respond to internal threats and security incidents.
  • Possess an automation-first mindset.
  • Leverage threat modeling and analysis to build event and/or behavioral-based detections to protect our critical assets and infrastructure.
  • Perform analysis of logs from a variety of sources (e.g., endpoint logs, application logs, network traffic logs) to identify potential insider threats.
  • Perform actions that auto-resolve false positives and provide context scaling our ability to investigate.
  • Identify gaps in our infrastructure and work with software engineers, analysts, investigators, and stakeholders to gain visibility through logging and detection.
  • Perform live response, digital forensics, and analysis of a wide variety of assets including endpoints, mobile, servers, and networking equipment.
  • Conduct insider threat investigations in a cross-functional environment and drive incident resolution.

Requirements

  • Bachelor’s degree in Computer Science/Engineering, or relatable experience/certificates (GIAC Certified Forensic Analyst (GCFA), GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Forensic Examiner (GCFE)).
  • Coding proficiency in Python & SQL.
  • Experience in commercial Endpoint Detection Response (EDR), Security Orchestration Automation Tools (SOAR), and a familiarity with security automation workflows.
  • Networking and system administration experience of server and operating systems (macOS, Linux, Windows).
  • Experience in Gsuite Administration, and JIRA. Familiar with multiple commercial & open-source forensic tools to perform analysis and/or memory collection.
  • Experience in data ingestion in Splunk, Clickhouse, Grafana, and simple storage service, as well as dashboard creation.
  • Experience with anomaly detection applicable to the insider threat detection space.
  • 1- 2+ years incident response experience and/or insider threat experience.
  • 1- 2+ years of cybersecurity operational experience.

Benefits

If you thrive in a dynamic, high-growth tech environment and relish the opportunity to collaborate with passionate, driven over-achievers, your career with us here at X will be both exhilarating and fulfilling!