Security Engineer - Detection and Response
- Full-time
Company Description
Afterpay’s mission is to power an economy in which everyone wins, to play fair, trust people and reward them for doing the right thing. We are obsessed with our product and we see and feel the impact of our work as more and more people gain financial freedom and retailers grow across the globe.
Offered by more than 70,000 of the world’s best retailers and has more than 14 million active customers globally. Top fashion and beauty retailers across the globe - including Ebay, The Iconic, Myer, Foot Locker, Adore Beauty, Mac Cosmetics, Kathmandu and many others. We also have offices across the globe including New Zealand, USA, China, UK and Europe!
Job Description
Our detection and response function is responsible for:
Knowing who our adversaries are and their favoured techniques
Ensuring that we can detect those adversaries and techniques
Designing and drilling an effective response to those techniques
To do this we need not only to respond to alerts but also to design, implement and manage the systems that create those alerts. It also means practising our responses by training with our business stakeholders.
We’re big believers that the best way to scale a detection and response function is to focus on automation and on aligning the incentives of the people on the team. We aren’t a company that will measure the efficacy of our detection function based on the number of alerts they fire in a day - instead we want to focus on building controls that give us the best chance of detecting adversaries in ways that are unlikely to lead to false alarms or wasted time.
Being a part of our detection and response function will require you to be technical. You’ll understand adversary behaviour and have experience with using automation to solve detection and response problems. You’ll be calm under pressure and a team player.
As a senior member of our team, we will also look to you to help us build a great team culture, enjoy the ride and have a laugh along the way.
You will:
Use and generate intelligence to understand adversaries and their business impact
Prioritise, design and deploy detection systems for our adversaries
Assist with the operation our security monitoring tooling
Create and maintain response runbooks
Prioritise and respond to alerts generated by our monitoring tooling
Assist with the maintenance and operation of our crisis management plans
Participate with industry to learn about and share knowledge of adversaries
Qualifications
You are:
Self-driven - We afford our team members a lot of autonomy. Our style is to agree on a set of goals and metrics up front and to empower people to get their jobs done.
Creative - We value team members who are able to find smart ways to balance risk and requirement. We aren’t a team that dogmatically follows established security processes.
Technical - We value team members who understand attacker behaviour as well as our operating environment who can then design detection solutions that are appropriate. This includes intermediate python skills and experience creating detections for AWS, and responding to those detections.
Calm - Detection and response work can be stressful. Succeeding in this role will require someone who can remain calm in a crisis.
Disciplined - Delivering against our goals requires someone who is able to keep themselves honest and to continue to move forward regardless of what is happening around them.
Hungry for improvement - We value identifying and implementing smarter ways of achieving our goals as well as levelling up the skills of the team.
Additional Information
Technologies we use and teach:
Python
Cloud SIEM
Cloud Automation
We’re working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Block is a proud equal opportunity employer. We work hard to evaluate all employees and job applicants consistently, without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. Want to learn more about what we’re doing to build a workplace that is fair and square? Check out our I+D page.
Additionally, we consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
We’re working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Block is a proud equal opportunity employer. We work hard to evaluate all employees and job applicants consistently, based solely on the core competencies required of the role at hand, and without regard to any legally protected class.
We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. Want to learn more about what we’re doing to build a workplace that is fair and square? Check out our I+D page.
Perks
We want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Paid time off
- Learning and Development resources
Block, Inc. (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, Spiral, TIDAL, and TBD54566975, we build tools to help more people access the economy. Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral (formerly Square Crypto) builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD54566975 is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.