Senior Staff Detection and Response Engineer

Druva, the autonomous data security company, puts data security on autopilot with a 100% SaaS, fully managed platform to secure and recover data from all threats. The Druva Data Security Cloud ensures the availability, confidentiality, and fidelity of data - providing customers with autonomous protection, rapid incident response, and guaranteed data recovery. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to defend business data in today’s ever-connected world. Amidst a rapidly evolving security landscape, Druva offers a $10 million Data Resiliency Guarantee ensuring customer data is protected and secured against every cyber threat. Visit druva.com and follow us on LinkedIn, Twitter and Facebook.

The Team

The Druva Cyber Defense Team is responsible for intrusion detection, security incident response, cyber threat intelligence, and adversarial emulation across our global production and corporate environments. We partner closely with various business units to collaboratively solve security challenges facing our customers and employees.

We’re seeking experienced professionals with a proven track record building security tools, fostering trust, and mentoring security personnel.

The Role

As a Sr. Staff Detection & Response Engineer, you will be responsible for executing and influencing the threat detection and incident response tooling roadmaps at Druva. You will contribute to assessment of gaps in current capabilities for workload execution visibility, log collection/storage, and threat detection at all layers. You will also contribute to assessment of acquisition, collection, storage, and analysis of forensic data. The majority of the role is implementing tools to fill the identified gaps. These projects will require knowledge of scripting and cloud services.

You will mentor less experienced personnel, delegate tasks calibrated for their experience and skills, and provide constructive feedback. You will serve as a role model for respectful and collaborative interactions with other teams.

You will participate in alert triage and investigation, and security incident response as required. Experience commanding security incidents is a big plus.

Qualifications

Successful candidates will likely have several of the following characteristics:

• 10+ years experience, with +5 in incident response and/or forensics
• Security incident response against hands-on-keyboard adversaries
• Experience building tools on top of AWS services (preferred) or another major Public Cloud Provider
• Experience scripting with Python or Go
• Clear and empathetic communication
• Adept at working in global, distributed teams, with diverse culture
• A degree in computer science, information security, or a related field, or equivalent foundational knowledge gained through experience

The following characteristics are will be considered a bonus:

• Experience defending SaaS environments
• Experience as “incident commander” for large security incidents
• Deep knowledge in forensics and/or malware analysis
• Experience with open-source tools such as Sleuthkit, Falco, Volatility, Plaso, Velociraptor, GRR, etc