Senior Security Incident Response Engineer

Your opportunity

New Relic’s Information Security Team is searching for a Senior Security Incident Response Engineer! If you enjoy a work environment where you're part of a successful distributed team that collaborates to achieve successful outcomes, we would love to talk to you! In this role, you will use your background and deep understanding of how attackers gain access to systems and apply it to respond to cyber security incidents covering all phases including identification, containment and eradication.

As an engineer of our growing Security Incident Response team, you will collaborate with teams throughout the organization, providing security insight, mitigation strategies, and preventive measures from detections. You will help develop our security program through collaboration, investigation, documentation, and engineering practices.

What you'll do

• Support and maintain response strategy and tooling to severe incidents and key attack scenarios.
• Support the SoC alert life cycle: triage security risk, investigate alerts, develop runbooks, policies and procedures to help the company respond, and run retrospectives to coordinate effort across the company to prevent future incidents.
• Maintain healthy working relationships with our managed security service providers and respond to incident escalations.
• Maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling.
• Know the latest APT tactics and techniques and use engineering practices to detect and respond.
• Provide technical expertise to engineering teams on standard methodologies, tools and frameworks.
• Work with product managers, senior management, and end users to drive security maturity across the business.

This role requires

Must-have:

• Willingness to work in rotational shifts including Morning, Evening and Night shifts.
• Willingness to work in weekend shifts and support on call.
• You have at least five years of recent experience working in a threat hunting, threat intelligence, incident response, or security engineering role.
• Experience configuring security incident and event management tools, including creating event filtering, correlation rules, and  reports.
• Strong understanding of the MITRE ATT&CKFramework.
• Experience performing risk assessment,threattracking,or vulnerability management and success in evaluating and communicating severity, impact, and likelihood of a risk to a wide audience
• Familiarity with digital forensic tools and techniques for hands-on response during incidents

Bonus points if you have

• Experience building a successful SOC or developing incident response plans or run books
• Software engineering experience, primarily in Python or other high-level programming language
• Experience in cloud detections (AWS,Azure,GCP)
• Experience with DevOps CI/CD pipelines including Terraform, Atlantis, Ansible, Kubernetes, and Argo
• Experience with enterprise Kubernetes deployments,including EKS
• Experience creating SOAR workflows and automation

Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics’ different backgrounds and abilities, and recognize the different paths they took to reach us – including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We’re looking for people who feel connected to our mission and values, not just candidates who check off all the boxes. 

If you require a reasonable accommodation to complete any part of the application or recruiting process, please reach out to [email protected].

We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid.

Our hiring process

In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers’ means that a criminal background check is required to join New Relic.

We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance.

Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic.

Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics. 

Review our Applicant Privacy Notice at https://newrelic.com/termsandconditions/applicant-privacy-policy