Security Engineer - Cloud Incident Response
UK (Remote), Germany (Remote), Netherlands (Remote)
HashiCorp is a fast-growing startup that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. We build tools to ease these decisions by presenting solutions that span the gaps. Our tools manage both physical machines and virtual machines, Windows, and Linux, SaaS and IaaS, etc.
Engineering at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
We're looking for talented Security Engineers to join our Threat Detection and Response Team. This team helps defend HashiCorp through strategic detection and response across all of our products and enterprise.
This person will be responsible for creating the tooling and infrastructure that drives our detection and response pipelines. You will work closely with teams across the company to provide foundation tooling to scale detections across all environments.
As a member of our Threat Detection and Response team, you’ll be responsible for ensuring we have the proper visibility, detections, and operations to protect HashiCorp and our customers. You will work closely with engineering teams to turn detections into preventions where possible and continue to drive down time to detection and time to remediation across the enterprise.
HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be
In this role, you can expect to:
- Help drive detection strategy across the enterprise
- Develop software and deploy infrastructure to enable new detection capabilities
and automated response
- Ensure the team has proper visibility into logging sources
- Partner with other engineering and operation teams to understand requirements
for tooling and integrations
- Research emerging attack vectors and techniques
- Document and automate incident response playbooks
- Respond to incidents both as an incident commander and contributor
- Create and run table top exercises
- Work with other engineering teams to enable detections within their platforms
You may be a good fit for our team if:
- You have 3+ years of work experience in incident response, threat intelligence,
or infrastructure security
- You have programming experience in Python and/or Go to build security tools
- You have familiarity with securing cloud services running in Modern Cloud
- You have experience in developing and deploying cloud native applications in
production and comfort with maintaining healthy operations of security tooling and infrastructure.
- You have demonstrated technical experience across related security disciplines
e.g. appsec, intrusion detection and response, network security, infrastructure
- You have the ability to prioritize and track multiple projects in parallel
- You have previous experience working in collaborative security teams.
- You have a background in Threat Detection & Response - bonus points for forensic experience
- You have experience implementing and scaling security programs in a startup
-You have experience speaking / publishing in Tier 1 security conferences
-You have publicly released tools or modules
-You love to build and push the industry to do better
About the Application Process
Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.
HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.