Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes has grown beyond malware remediation to ensuring cyberprotection for everyone, providing device protection, privacy, and prevention solutions in the home, on-the-go, at work, or on campus. With threat hunters and innovators across the world, we want great people, like YOU, to join our team!
We are seeking a motivated and experienced security professional who is looking to take on the challenge of improving security processes at a security company. We’re looking for someone to join our small but growing security team and apply their experience with Security Operations (SecOps) and Incident Response (IR). We are looking for someone who has operated in a blue team capacity and is comfortable responding to incidents, analyzing and investigating, threat hunting, and conducting threat intelligence, and who has deep knowledge of the latest threats, tactics and techniques used by threat hunters, and how to identify them.
What You’ll Do
As a Sr. Security Engineer you will have the opportunity to work on the following:
- Responding to incidents and conducting investigations as events happen through analyzing logs and various other sources.
- Examine systems, logs, and malware data to assess incident scope and impact
- Prepare formal reports on incident findings
- Develop, integrate, and improve cyber security incident response playbooks and documentation
- Drive improvements in cybersecurity incident detection and incident response automation capabilities
- Participate in and conduct threat hunts as needed
- Work with the wider team to enhance the cyber security environment
Skills You’ll Need to Have
- Must have a deep understanding of computer intrusion activities, incident response techniques, tools and procedures.
- Thorough knowledge of digital forensics methodology as well as security architecture, system administration and networking
- Experience in conducting analysis to determine root cause and impact of security incidents
- Knowledge of exploit kits and adversary techniques
- Be detail-oriented and able to capture detailed notes on relevant information and other aspects of the analysis process to be used for reporting purposes
- Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR, SIEM, IPS/IDS, EDR, etc.)
- Excellent written and verbal communication skills
- Must be action-oriented and take a proactive approach to solving issues
- Current security training or certifications such as CISSP, CISA, CISM, SANS GPEN, CEH or similar are a plus
- Willing to be available, as needed, for major and critical incident response activities during off-hours
Nice to Have Skills:
- Familiarity with digital forensics concepts and tools, malware reversal concepts and techniques, and data loss and data protection concepts and processes
- Thorough knowledge of digital forensics methodology as well as security architecture, system administration and networking
- Experience with various scripting languages (e.g. Python, PowerShell, JavaScript)
- Certifications in any of the following: GIAC Forensic Examiner (GCFE), GIAC Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensic Analyst (GNFA)
Benefits and Perks:
- An opportunity to do something great for yourself and the world
- A great work environment that supports growth, development, and most importantly having fun!
- Comprehensive medical, dental, vision, and life insurance coverage
- Competitive salary and equity stock incentives
- 401k + company match
- Open Time Off Policy
- Employee Referral Bonus Program
- Wellness programs