Senior Security Detection and Response Engineer



Hyderabad, Telangana, India
Posted on Saturday, October 7, 2023
About Opendoor
Founded in 2014, Opendoor’s mission is to empower everyone with the freedom to move. We believe the traditional real estate process is broken and our goal is simple: build a digital, end-to-end customer experience that makes buying and selling a home simple, certain and fast. We have assembled a dedicated team with diverse backgrounds to support more than 100,000 homes bought and sold with us and the customers who have selected Opendoor as a trusted partner in handling one of their largest financial transactions. But the work is far from over as we continue to grow in new markets. Transforming the real estate industry takes tenacity and dedication. It takes problem solvers and builders. It takes a tight-knit community of teammates doing the best work of their lives, pushing one another to transform a complicated process into a simple one. So where do you fit in? Whether you’re passionate about real estate, people, numbers, words, code, or strategy -- we have a place for you. Real estate is broken. Come help us fix it.

This position is located in Hyderabad. We are open to considering candidates for relocation.

About the Team

The Security Operations team at Opendoor focuses on identifying and protecting assets, detecting anomalies and attacks, responding to compromise, and recovering from asset compromise in order to return the business to a steady state. The scope of the Security Operations team includes Application Security, Detection Operations, Incident Response, Infrastructure Security, Penetration Testing, and Threat Intelligence.

As the Detection and IR Security Engineer, you will be responsible for implementing and maintaining all aspects of security across applications and cloud infrastructure. Your primary focus will be to monitor and analyze the organization's cloud and IT infrastructure, networks, and systems for potential security threats, as well as respond to and mitigate security incidents effectively. You will collaborate with cross-functional teams to develop and maintain incident response procedures, as well as contribute to the continuous improvement of the organization's security posture.

Role Responsibilities

  • Detect, respond to and remediate security events
  • Design and build automation for the detection, investigation and remediation of security events across Opendoor
  • Manage and coordinate Incident Response functions
  • Act as a first responder to both internal and external security notifications
  • Work with stakeholders throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools.
  • Translate threat bulletins into actionable detections
  • Create and continuously tune detection use cases, rules and analytics using best-practice frameworks such as MITRE ATT&CK.
  • Create and maintain relevant incident response playbooks and documentation on cyber defense techniques and reports

Skills Needed

  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 4+ years of experience in incident response and threat hunting
  • Knowledgeable in detection engineering, endpoint detection and response tooling, intrusion detection, threat hunting, common IOCs/TTPs, MITRE ATT&CK, and initial access techniques.
  • Expertise in security event management and orchestration (SIEM / SOAR).
  • Experience in tooling that is common to the DFIR space (e.g., Splunk, CrowdStrike, Nessus, Palo Alto Prisma, HackerOne, Okta, etc.)
  • Incident Response experience in the Cloud (AWS, Azure) and on macOS and Windows devices
  • Excellent communication and interpersonal skills, with the ability to interact with stakeholders at all levels.
  • Strong analytical and problem-solving skills, with the ability to make decisions under pressure.
  • Experience in automation with Python, Bash, Go or similar languages

Bonus points if

  • An understanding of the value of usability and buy-in when it comes to security policy and practices
  • DFIR expert: You have deep experience in all aspects of incident response.
  • A love of instrumentation
  • Passion for automation
  • Love for security at work and outside of work, as shown by presenting at a known security conference, contributing to or creating open source security tools, contributing to the security community in general, etc.

More About Us

To learn how we are reinventing the real estate industry, check out our website; to hear about our culture directly from team members, visit The Muse; and to discover what we are building for our customers, read our blog posts.
