HashiCorp
Sr. Threat Detection & Incident Response Engineer
About this team:
We're looking for talented Detection Engineers & Incident Responders to join our Threat Detection and Response Team (TDR). This team will help defend HashiCorp through strategic detection, response, and prevention patterns across all of our products and the enterprise.
In this role, you will:
As a member of our TDR team, you’ll be responsible for ensuring we are continually striving for best practices implemented within incident response that enable HashiCorp to quickly respond to emerging threats. This person will be responsible for incident response & building automation from start to finish coordinating across multiple teams of varying technical ability. This includes alert investigation, tool development, and collaboration across teams to understand potential threat vectors which cannot be fully prevented.
You will partner with engineering and other stakeholders to define and drive a rapid response program to secure our vast technological footprint supporting our products and the enterprise. Tooling and automation will be key to success as we scale our environments to meet customer demand. Lastly, we can’t detect what we cant see, so driving visibility improvements across the company will be key to ensuring the IR function is always equipped with the necessary data to perform its job function.
Engineering at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.
Qualifications:
- Proficiency in coding with Python or Golang, with a desire to continue to build these skills and contribute to internal tool development
- 3+ years of experience in an Incident Response or Detection role
- Desire to solve response challenges with automation and strive for efficient use of human operator time
- Understand how to properly determine scope and impact from an array of multiple alerting systems monitoring both corporate IT and production environments
- Comfortable with the incident response process, from triage to closure, providing various levels of support and coordination across multiple teams
- Working Knowledge of: Linux (Production Workloads), Mac (Primary endpoints in our fleet), Windows (Plus but not required)
- Experience with multiple Cloud Provider Environments
- CI / CD experience
- Common Infrastructure as Code deployment processes.
Bonus Points:
- Cloud Workload Forensics - Memory and Storage collection and analysis
- Understanding of legal holds, chain of custody and other fun IR activities to protect HashiCorp
- Speaking / publishing at security conferences
- Publicly released tools or modules
- #LI-AD1
#LI-Hybrid
“HashiCorp is an IBM subsidiary which has been acquired by IBM and will be integrated into the IBM organization. HashiCorp will be the hiring entity. By proceeding with this application you understand that HashiCorp will share your personal information with other IBM subsidiaries involved in your recruitment process, wherever these are located. More information on how IBM protects your personal information, including the safeguards in case of cross-border data transfer, are available here: link to IBM privacy statement.”
