LinkedIn
Senior Information Security Engineer - Incident Response
LinkedIn, Mountain View, California, us, 94039
LinkedIn is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that’s built on trust, care, inclusion, and fun – where everyone can succeed.
Join us to transform the way the world works.
At LinkedIn, we trust each other to do our best work where it works best for us and our teams. This role offers a hybrid work option, meaning you can both work from home and commute to a LinkedIn office, depending on what’s best for you and when it is important for your team to be together.
This role will be based in our Mountain View, CA campus.
About the team
LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Senior Incident Response Engineer to be an integral part of our Information Security organization. The Incident Response team is responsible for protecting our infrastructure, applications, and, most importantly, our members. This role will be responsible for playing a key role in our security monitoring and incident response team.
The role is a Senior position, coming in with years of real world experience in responding and leading incident investigations, developing playbooks, and continually striving to improve processes and response times. Additionally as a Senior, a successful candidate will help lead the continued improvements, mentor more junior team members, while acting as a lead during large scale incidents.
Responsibilities:
· Independently triage security alerts and incident reports.
· Investigate incidents using available resources, forensic and threat hunting skills.
· Drive small to medium scale incidents with multiple team members and partner teams to closure.
· Conduct host, network, and log analysis in support of incident response investigations
· Enhance our in-house incident response platforms and build new capabilities.
· Participate in oncall activities.
· Work with partner teams including: PR, HR, Legal, Compliance, Investigations, Microsoft CDOC, Engineering, EPE.
· Work in a team environment to drive large scale incidents to closure and full remediation.
· Contribute to improving processes, procedures and technologies used by the team.
· Provide feedback to detection engineering team about accuracy and quality of detections
· Provide proactive and accurate data to all stakeholders for internal communication
· Help uplift entire team by providing demonstration of new processes or training on systems
· Support mentoring and technical development of incident response engineers
Basic Qualifications:
· BA/BS degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines, or equivalent practical experience
· 4+ years experience in Information Security, with 3+ years experience in Incident Response as part of that experience.
· Incident response experience should include:
· Experience with triaging security alerts.
· Experience with incident lifecycle and incident handling.
· Experience with log analysis
· Experience with SIEM solutions
· Experience with Windows and Unix operating systems logs.
· Experience with Web Server logs.
· Experience with EDR solutions
· Experience with system level analysis - windows, linux, and mac.
· Experience with 1 or more of these areas:
· System Forensics
· Network Forensics
· Cloud Forensics
· SOAR/Security Orchestration
· Threat Intelligence
Preferred Qualifications:
· Master’s degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines.
· Developer experience, the ability to understand source code and develop scripts.
· Practical threat hunting experience with open source tool chain
· Scripting knowledge to automate repetitive, time consuming and error prone activities using a general purpose scripting language (ex: Python)
· Prior experience with malware analysis
Suggested Skilles:
· Incident Response
· Information Security
· Incident response investigations
· Threat Hunting
LinkedIn is committed to fair and equitable compensation practices.
The pay range for this role is $121,000-198,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor.
The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For more information, visit https://careers.linkedin.com/benefits.
Equal Opportunity Statement
LinkedIn is committed to diversity in its workforce and is proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is an Affirmative Action and Equal Opportunity Employer as described in our equal opportunity statement here: https://microsoft.sharepoint.com/:b:/t/LinkedInGCI/EeE8sk7CTIdFmEp9ONzFOTEBM62TPrWLMHs4J1C_QxVTbg?e=5hfhpE. Please reference https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf and https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf for more information.
LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.
If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation.
Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to:
-Documents in alternate formats or read aloud to you
-Having interviews in an accessible location
-Being accompanied by a service dog
-Having a sign language interpreter present for the interview
A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response.
LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information.
Pay Transparency Policy Statement
As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: https://lnkd.in/paytransparency.
Global Data Privacy Notice for Job Candidates
This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: https://lnkd.in/GlobalDataPrivacyNotice
Join us to transform the way the world works.
At LinkedIn, we trust each other to do our best work where it works best for us and our teams. This role offers a hybrid work option, meaning you can both work from home and commute to a LinkedIn office, depending on what’s best for you and when it is important for your team to be together.
This role will be based in our Mountain View, CA campus.
About the team
LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Senior Incident Response Engineer to be an integral part of our Information Security organization. The Incident Response team is responsible for protecting our infrastructure, applications, and, most importantly, our members. This role will be responsible for playing a key role in our security monitoring and incident response team.
The role is a Senior position, coming in with years of real world experience in responding and leading incident investigations, developing playbooks, and continually striving to improve processes and response times. Additionally as a Senior, a successful candidate will help lead the continued improvements, mentor more junior team members, while acting as a lead during large scale incidents.
Responsibilities:
· Independently triage security alerts and incident reports.
· Investigate incidents using available resources, forensic and threat hunting skills.
· Drive small to medium scale incidents with multiple team members and partner teams to closure.
· Conduct host, network, and log analysis in support of incident response investigations
· Enhance our in-house incident response platforms and build new capabilities.
· Participate in oncall activities.
· Work with partner teams including: PR, HR, Legal, Compliance, Investigations, Microsoft CDOC, Engineering, EPE.
· Work in a team environment to drive large scale incidents to closure and full remediation.
· Contribute to improving processes, procedures and technologies used by the team.
· Provide feedback to detection engineering team about accuracy and quality of detections
· Provide proactive and accurate data to all stakeholders for internal communication
· Help uplift entire team by providing demonstration of new processes or training on systems
· Support mentoring and technical development of incident response engineers
Basic Qualifications:
· BA/BS degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines, or equivalent practical experience
· 4+ years experience in Information Security, with 3+ years experience in Incident Response as part of that experience.
· Incident response experience should include:
· Experience with triaging security alerts.
· Experience with incident lifecycle and incident handling.
· Experience with log analysis
· Experience with SIEM solutions
· Experience with Windows and Unix operating systems logs.
· Experience with Web Server logs.
· Experience with EDR solutions
· Experience with system level analysis - windows, linux, and mac.
· Experience with 1 or more of these areas:
· System Forensics
· Network Forensics
· Cloud Forensics
· SOAR/Security Orchestration
· Threat Intelligence
Preferred Qualifications:
· Master’s degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines.
· Developer experience, the ability to understand source code and develop scripts.
· Practical threat hunting experience with open source tool chain
· Scripting knowledge to automate repetitive, time consuming and error prone activities using a general purpose scripting language (ex: Python)
· Prior experience with malware analysis
Suggested Skilles:
· Incident Response
· Information Security
· Incident response investigations
· Threat Hunting
LinkedIn is committed to fair and equitable compensation practices.
The pay range for this role is $121,000-198,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor.
The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For more information, visit https://careers.linkedin.com/benefits.
Equal Opportunity Statement
LinkedIn is committed to diversity in its workforce and is proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is an Affirmative Action and Equal Opportunity Employer as described in our equal opportunity statement here: https://microsoft.sharepoint.com/:b:/t/LinkedInGCI/EeE8sk7CTIdFmEp9ONzFOTEBM62TPrWLMHs4J1C_QxVTbg?e=5hfhpE. Please reference https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf and https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf for more information.
LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.
If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation.
Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to:
-Documents in alternate formats or read aloud to you
-Having interviews in an accessible location
-Being accompanied by a service dog
-Having a sign language interpreter present for the interview
A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response.
LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information.
Pay Transparency Policy Statement
As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: https://lnkd.in/paytransparency.
Global Data Privacy Notice for Job Candidates
This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: https://lnkd.in/GlobalDataPrivacyNotice