Job description

**Overview** We are seeking an experienced Senior Security Engineer to join our Security Event Analysis Team (SEAT) within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks. The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause. As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams. • *What you'll bring** + A Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field is preferred. + Possession of industry-recognized professional level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP is advantageous. + 3-5 years of experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response. + 1-3 years experience using scripting languages such as bash, powershell, and python. + Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, and Wiz + Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS. + Experience using and defending Public Cloud services such as AWS, Azure, and GCP. (IAM, CI/CD Pipelines, Network Security, DLP) + Deep understanding of Security Information, and Event Management (SIEM) solutions such as Splunk, LogScale. + Strong analytical and problem-solving abilities, with a focus on identifying root causes and assessing risk exposure. + Exceptional communication skills, both verbal and written, capable of explaining technical details to non-technical audiences and fostering strong stakeholder relationships. + Self-motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary. + Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline. + Profound knowledge of digital forensics technologies and methodologies, as well as expertise in the Security Incident Response Lifecycle according to frameworks like NIST or SANS. + Adaptable and proactive attitude, willing to take on various responsibilities and eager to continuously learn and upgrade skills. + Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response. • *How you will lead** + Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required. + Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders. + Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents. + Develop, maintain, and improve incident response plans, procedures, and playbooks to ensure swift action and regulatory compliance. + Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements. + Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices. + Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs. + Assess vulnerabilities, propose remediation strategies, and keep up-to-date on current and emerging security trends, threats, and countermeasures. _Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is:_ _Southern California_ _$146,000-$197,500_ _This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit®: Careers | Benefits (https://www.intuit.com/careers/benefits/full-time-employees/) )._ Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, Intuit conducts regular comparisons across categories of ethnicity and gender. EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law. • *Overview** We are seeking an experienced Senior Security Engineer to join our Security Event Analysis Team (SEAT) within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks. The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause. As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams. • *What you'll bring** + A Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field is preferred. + Possession of industry-recognized professional level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP is advantageous. + 3-5 years of experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response. + 1-3 years experience using scripting languages such as bash, powershell, and python. + Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, and Wiz + Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS. + Experience using and defending Public Cloud services such as AWS, Azure, and GCP. (IAM, CI/CD Pipelines, Network Security, DLP) + Deep understanding of Security Information, and Event Management (SIEM) solutions such as Splunk, LogScale. + Strong analytical and problem-solving abilities, with a focus on identifying root causes and assessing risk exposure. + Exceptional communication skills, both verbal and written, capable of explaining technical details to non-technical audiences and fostering strong stakeholder relationships. + Self-motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary. + Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline. + Profound knowledge of digital forensics technologies and methodologies, as well as expertise in the Security Incident Response Lifecycle according to frameworks like NIST or SANS. + Adaptable and proactive attitude, willing to take on various responsibilities and eager to continuously learn and upgrade skills. + Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response. • *How you will lead** + Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required. + Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders. + Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents. + Develop, maintain, and improve incident response plans, procedures, and playbooks to ensure swift action and regulatory compliance. + Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements. + Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices. + Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs. + Assess vulnerabilities, propose remediation strategies, and keep up-to-date on current and emerging security trends, threats, and countermeasures. _Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is:_ _Southern California_ _$146,000-$197,500_ _This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit®: Careers | Benefits (https://www.intuit.com/careers/benefits/full-time-employees/) )._ Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, Intuit conducts regular comparisons across categories of ethnicity and gender. EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.

Requirements