Overview
Senior Security Engineer, Detection & Response Jobs in San Francisco, California, USA at Postman
Title: Senior Security Engineer, Detection & Response
Company: Postman
Location: San Francisco, California, USA
Type: Full Time
Category: IT/Tech, Security
Who Are We?
Postman is the world’s leading collaboration platform for API development. Postman’s features simplify each step of building an API & streamline collaboration to help create better APIs—faster. More than 30 million developers & 500,000 organizations worldwide use Postman today, and we continue to strive humbly towards our mission of 100 million connected developers & serving companies as they seek to innovate in an API-first world.
Our customers are doing more and more astounding things with the Postman product every day, and as a result, we are growing rapidly.
We highly recommend reading The “API-First World” graphic novel to understand the bigger picture & our vision.
Opportunity
We are seeking an experienced Senior Security Engineer, Detection & Response to join our dynamic security team. In this role, you will provide Level 2 support to our managed Security Operations Center (SOC), monitoring and analyzing security alerts and emerging threats across our corporate, cloud and production environments to identify and respond to potential security incidents and critical vulnerabilities.
You’ll work closely with the broader security and IT team and other engineering teams to develop a strong understanding of our ecosystem to enable you to act effectively as an Incident Commander when required, and coordinate incident resolution with cross-functional teams to ensure 24/7 coverage. This understanding will aid you in your threat hunting and forensic investigations to uncover indicators of compromise and patterns of malicious activity, as well as fine-tune and develop additional detection rules, configurations, custom playbooks and automations tailored to our environment in collaboration with our managed SOC. In the area of vulnerability management, you will monitor security advisories and threat intelligence feeds, and drive proactive actions within the organization.
Your collaboration with cross-functional teams will be essential in proactively detecting and responding to security threats and ensuring the overall security of our digital assets.
What You’ll Do:
Security Operations Duties:
Provide Level 2 support to a managed SOC and support monitoring security alerts and events from various sources, including corporate tools, WAF, security information and event management (SIEM) systems, and AWS to identify potential security incidents, intrusions and vulnerabilities.
Conduct threat hunting and perform forensic investigations to identify indicators of compromise (IOCs) and patterns of malicious activity.
Coordinate and manage incident resolution with cross-functional teams, including acting as Incident Commander during incidents to help provide 24/7 coverage with other team members.
Support Cloud Detection & Response platforms to enable various automated notification and containment workflows.
Detection Engineering:
Fine-tune and develop detection rules, configurations, and automations based on new threats, lessons learned, or environmental changes.
Work with the managed SOC to develop custom playbooks. Where possible, write scripts and develop custom tools to automate the detection and response processes. Adhere to SSDLC best practices when writing scripts or developing tools.
Identify any gaps in loggin…