Security Incident Response Lead
- USA Only
Title:Security Incident Response Lead
- Location: US (Remote)
Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including Vimeo, Pinterest, The New York Times, and GitHub.
We’re building a more trustworthy Internet. Come join us.
Security Incident Response Lead
We are looking for an individual to join the Security team and serve as the subject matter expert for security incident response to the Security Assurance and Response team. This is a high-impact role reporting to the Manager of Security Assurance and Response, and you’ll be instrumental in improving Fastly’s security incident response program.
You will be supported by a friendly security team, where you can learn and develop. We check our egos at the door. You’ll make sure our customers benefit from services built to the highest security standards in the industry.
What You’ll Do
- Help build and lead end-to-end security incident response investigations
- Serve as a Cybersecurity Incident Response Team (CSIRT) lead and/or incident manager
- Create, maintain and promote security incident response plan, runbooks and response procedures
- Coordinate with Fastly Security and other Fastly teams to trigger and execute the security incident response process
- Drive improvements in Security Incident and Event Management (SIEM), including: strategy, tuning, correlation, alerting, reporting, and dashboard creation
- Serve as main point of contact for Fastly’s managed service providers for initial security response
What We’re Looking For
- Experience using Splunk as well as developing, maintaining, and tuning Splunk content
- Strong organizational skills and an ability to work on several projects of varying importance at once
- Experience leading security incidents of all levels working in a Security Operations Center (SOC) or dedicated security incident response team
- Splunk engineering experience
- Experience developing custom code or scripts for security event analysis and incident response automation
- Demonstrated knowledge and understanding of security incident types, indicators of compromise (IOCs), and tools, tactics, and procedures (TTPs)
- Experience communicating technical details across all levels of the organization
We value a variety of voices, so this is not a laundry list. It would be an added bonus if you have experience in ANY of these:
- Experience building or rebuilding a security incident response program or Security Operations Center (SOC)
- Experience using the MITRE ATT&CK framework to improve security incident detection and response
- Experience planning, conducting and documenting threat hunting engagements and providing recommendations based on the findings
- Security certifications like GCIA, GCIH, OSCP, CISSP, etc
- We have a huge impact. Fastly is a small company with a big reach. Not only do our customers have a tremendous user base, but we also support a growing number of open source projects and initiatives. Outside of code, employees are encouraged to share causes close to their heart with others so we can help lend a supportive hand.
- We love distributed teams. Fastly’s home-base is in San Francisco, but we have multiple offices and employees sprinkled around the globe. In fact, 50% of our employees work outside of SF! An international remote culture is in our DNA.
- We care about you. Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits like up to 20 weeks of paid parental leave, options for free medical/dental/vision plans, and an open vacation program that enables our folks to take the time they need to recharge (some benefits may vary by location).
- We value diversity. Growing and maintaining our inclusive and diverse team matters to us. We are committed to being a company where our employees feel comfortable bringing their authentic selves to work and have the ability to be successful — every day.
- We are passionate. Fastly is chock full of passionate people and we’re not one size fits all’. Fastly employs authors, pilots, skiers, parents (of humans and animals), makeup geeks, coffee connoisseurs, and more. We love employees for who they are and what they are passionate about.
We’re always looking for humble, sharp, and creative folks to join the Fastly team. If you think you might be a fit, please apply!
Fastly is committed to ensuring equal employment opportunity and to providing employees with a safe and welcoming work environment free of discrimination and harassment.
Employment decisions at Fastly are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. Fastly encourages applicants from all backgrounds.
*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Fastly. Please inform us if you need assistance completing any forms or to otherwise participate in the application process.