Security Detection and Response Engineer
This position is located in Hyderabad. We are open to considering candidates for relocation.
About the Team
The Security Operations team at Opendoor focuses on identifying and protecting assets, detecting anomalies and attacks, responding to compromise, and recovering from asset compromise in order to return the business to a steady state. The scope of the Security Operations team includes Application Security, Detection Operations, Incident Response, Infrastructure Security, Penetration Testing, and Threat Intelligence.
As the Detection and IR Security Engineer, you will be responsible for implementing and maintaining all aspects of Security across applications and cloud infrastructure. Your primary focus will be to monitor and analyze the organization's cloud and IT infrastructure, networks, and systems for potential security threats, as well as respond to and mitigate security incidents effectively. You will collaborate with cross-functional teams to develop and maintain incident response procedures, as well as contribute to the continuous improvement of the organization's security posture.
- Detect, respond to and remediate security events
- Design and build automation for the detection, investigation and remediation of security events across Opendoor
- Manage and coordinate Incident Response functions
- Act as a first responder to both internal and external security notifications
- Work with stakeholders throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools.
- Translate threat bulletins into actionable detections
- Create and continuously tune detection use cases, rules and analytics using best-practice frameworks such as MITRE ATT&CK.
- Create and maintain relevant incident response playbooks and documentation on cyber defense techniques and reports
- Bachelor's degree in Computer Science, Information Security, or a related field
- 4+ years of experience in incident response and threat hunting
- Knowledgeable in detection engineering, endpoint detection and response tooling, intrusion detection, threat hunting, common IOCs/TTPs, MITRE ATT&CK, and initial access techniques.
- Expertise in security event management and orchestration (SIEM / SOAR).
- Experience in tooling that is common to the DFIR space (e.g., Splunk, CrowdStrike, Nessus, Palo Alto Prisma, HackerOne, Okta, etc.)
- Incident Response experience in the Cloud (AWS, Azure) and on macOS and Windows devices
- Excellent communication and interpersonal skills, with the ability to interact with stakeholders at all levels.
- Strong analytical and problem-solving skills, with the ability to make decisions under pressure.
- Experience in automation with Python, Bash, Go or similar languages
Bonus points if
- An understanding of the value of usability and buy-in when it comes to security policy and practices
- DFIR expert: You have deep experience in all aspects of incident response.
- A love of instrumentation
- Passion for automation
- Love for security at work and outside of work, as shown by presenting at a known security conference, contributing to or creating open source security tools, contributing to the security community in general, etc.
More About Us
To learn how we are reinventing the real estate industry, check out our website; to hear about our culture directly from team members, visit The Muse; and to discover what we are building for our customers, read our blog posts.