Security Engineer (Digital Forensics and Incident Response)
Squarespace is looking for a Security Engineer of Digital Forensics and Incident Response to join a dedicated team responsible for monitoring and responding to attacks on our platform. You'll partner with teams across the organization to build processes that secure a platform that powers millions of websites. You will report to the Detection and Response Manager.
All Squarespace employees are working remotely at this time. We are monitoring the status of COVID-19 as we continue our work to build a return-to-work plan that ensures a safe return to our offices and provide flexibility for our employees.
RESPONSIBILITIES
- You will conduct digital forensics and incident response at the Senior Security Engineer level
- Deploy Intrusion Detection System and other perimeter security defenses.
- You will respond to ongoing incidents, investigate historical compromises, and provide adept analysis and findings
- Establish strategies for threat detection, alerting, and response;
- You will initiate reactive threat hunting engagements by performing endpoint, network, application, and log analysis
- Establish processes and build 'playbooks' of operational response to incidents
- Familiarity with Threat Intelligence, ability to speak a second language such as Russian to keep up-to-date of modern threats and InfoSec news.
- Build and support security-focused tools and services
- Provide Mentorship and technical expertise to junior team members to assist their technical development.
QUALIFICATIONS
- 5+ years experience in the security industry including both Defensive and Offensive experience.
- Certifications which include but are not necessarily limited to: OSCP, OSCE, OSWP
- Experience with Cloud & Container Security, and infrastructure as code.
- Knowledge of Malware Analysis, Reverse Engineering, and Host-based and Memory Forensics.
- Proficiency in at least 3 programming or scripting languages (preference to Python, Go, JavaScript, or Bash)
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP/HTTPS) and how to keep them secure.
- Diverse range of security experience at the enterprise level (information, application, network, and IT)
- Experience with Red & Purple Team Exercises, Adversary Resilience, and Cyber Deception
- Experience working with cloud technologies (eg. Amazon Web Services, Google Cloud Platform, Heroku) and Networking and Web Application security
About Squarespace
Squarespace makes beautiful products to help people with creative ideas succeed. By blending elegant design and engineering, we empower millions of people — from individuals and local artists to entrepreneurs shaping the world's most iconic businesses — to share their stories with the world. Squarespace's team of more than 1,200 is headquartered in downtown New York City, with offices in Dublin, Los Angeles and Portland. For more information, visit www.squarespace.com/about.
Benefits & Perks
- Health insurance with 100% premium covered for you and your dependent children
- Flexible vacation & paid time off
- Up to 20 weeks of paid family leave
- Equity plan for all employees
- Retirement benefits with employer match
- Fertility and adoption benefits
- Free lunch and snacks at all offices
- Education reimbursement
- Dog-friendly workplace in New York office
- Commuter benefit in the form of reduced tax (Ireland) and pretax (US)
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customers, but we also work toward the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.