Security Engineer - Incident Response at Squarespace
Dublin, County Dublin, Ireland
Full Time


Start Date: Immediate
Expiry Date: 24 Oct, 25
Salary: 0.0
Posted On: 25 Jul, 25
Experience: 5 year(s) or above
Remote Job: Yes
Telecommute: Yes
Sponsor Visa: No
Skills: Google Cloud Platform, Code, Javascript, Reverse Engineering, Squarespace, Amazon Web Services, Security, Bash, Ipsec, Infrastructure, Oscp, Sms, Python, Malware Analysis, Siem, Cloud, Soar, Scripting Languages
Industry: Information Technology/IT

Description

Squarespace is looking for a Security Engineer with a focus on Investigations and Incident Response to join a dedicated team responsible for monitoring and responding to attacks on our platform. You’ll partner with teams across the organization as you investigate security events specific to our platform and corporate environment.
This is a hybrid role working from our Dublin office 3 days per week and you will report to the Detection and Response Manager.

QUALIFICATIONS

  • 5+ years experience in the security industry
  • Certifications (preferred, not required): OSCP, OSCE, OSWP
  • Experience working with SIEM and SOAR technologies
  • Knowledge of cloud & container security, and infrastructure as code
  • Working understanding of malware analysis, reverse engineering, and host-based and memory forensics
  • Proficiency in programming or scripting languages (preference to Python, Go, JavaScript, or Bash) is a plus
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP/HTTPS) and how to keep them secure
  • Familiarity with red & purple team exercises, adversary resilience, and cyber deception
  • Experience working with cloud technologies (e.g., Amazon Web Services, Google Cloud Platform, etc.) and Networking and Web Application security

RESPONSIBILITIES

  • You will investigate security events through our SIEM and SOAR technology
  • Design alerts to monitor both our customer and corporate environments for anomalous behavior
  • Share insights gleaned from SOAR case work with relevant security team members in order to drive more security feature implementation to the product or corporate environment
  • You will respond to ongoing incidents, investigate historical compromises, and provide adept analysis and findings
  • Establish strategies for threat detection, alerting, and response
  • You will initiate reactive threat hunting engagements by performing endpoint, network, application, and log analysis
  • Establish processes and build ‘playbooks’ of operational response to security events and/or incidents
  • Familiarity with Threat Intelligence and keeping up-to-date on modern threats and InfoSec news
  • Build and support security-focused tools and services
  • Provide mentorship and technical expertise to junior team members to assist their technical development