Senior Security Engineer (Detection)


March 16, 2021

San Francisco, CA 94103, US

Company Description
Twitter is what’s happening and what people are talking about right now. For us, life's not about a job, it's about purpose. We believe real change starts with conversation. Here, your voice matters. Come as you are and together we'll do what's right (not what's easy) to serve the public conversation.
Job Description
You will be responsible for leading day-to-day security threat management. You will help identify and manage potential incidents and work with partner teams on known or suspected security threats. You will support threat intelligence, threat hunting, intrusion detection, and incident response efforts that adhere to, and push forward, best practices.
As an senior engineer, you will:

  • Mentor and help develop other members of the organization.

  • Drive continual improvement in processes and procedures to improve the quality and effectiveness of the team.

  • Identify and develop new detection use cases and optimize existing use cases.

  • Collaborate on technical directions and solutions with other teams.

  • Provide secondary analysis, determine remediation, and escalate as appropriate.

  • Research and analyze patterns in security events across Twitter’s global infrastructure.

  • Identify, design, and lead threat hunting missions to quantify and reduce threats.

  • Manage and support the log collection, security scanning, intrusion detection, and other security-related systems.

  • Design and build security metric-focused dashboards and reports.

  • Design and assistant in the development of automation to reduce false positives and handle events automatically.

  • Analyze the security posture of systems via testing and vulnerability impact analysis.

  • Participate in a 24/7 oncall rotation.

You care about security and building a secure environment for the people using Twitter everyday. You are curious, and have experience with the tools of the trade, comfortable digging into the details, and eager to help others protect our systems. Ideally, you have most of the following:

  • 3-5 years of relevant information security experience, with a focus on detection engineering and security operations.

  • Knowledge of networking and macOS, Windows, and/or Linux operating systems.

  • Knowledge of AWS and/or GCP security services.

  • Practical experience managing and/or deploying security technology.

  • Experience with building Splunk or ELK-stack queries and dashboards.

  • Knowledge of current threats and techniques and a desire to research and learn more.

  • Practical knowledge of SQL and scripting using Python or PowerShell, and a desire to improve.

Additional Information
We care about making work happy and productive for everyone, with the option to work from home and remotely when you need, wellness benefits, six months of parental leave, and unlimited vacation that we believe you should be taking.
We love sharing knowledge and ideas. Within our team, we have regular lightning talks. We regularly get together with the other Twitter engineering teams for tech talks. And there are many study groups you can join.
A few other things we value:

  • Ethics - Ethical behavior means that we expect our team to work within their limits, ask for assistance, keep conclusions fact-based, and respect all of their professional responsibilities.

  • Challenge - We solve some of the industry’s hardest problems. Come to be challenged, learn, and thrive as an engineer.

  • Diversity - Diversity makes us a better organization and team. We value diverse backgrounds, ideas, and experiences.

  • Work, Life, Balance - We work hard, but we believe with hard work should come balance.

  • Collaboration - There’s that saying, “If you want to go fast, go alone. If you want to go far, go together.” We want to go far.

  • Variety - We encourage team rotations that allow you to work with and learn from other teams at Twitter.