Senior Cyber Defence Engineer

at  Buildkite

Build tools for the best
software teams in the world.
About The Role
Buildkite’s mission is to unblock every developer on the planet. Our CI/CD platform is used by the best engineering teams in the world, including Airbnb, Shopify, PagerDuty, and Lyft.
As a Senior Cyber Defence , you will play a vital role in establishing our continuous security monitoring and security incident response capability. You will monitor and respond to security events, collaborating with cross-functional teams providing valuable insights and guidance. You will proactively develop defences against threats and your expertise will contribute to robust security incident response capabilities whilst building a resilient Buildkite. The long term goal for this role is to be a core part of an established internal PSIRT at Buildkite.
What you’ll be doing
With a fast growing company and a new team, your day to day will be anything but the same.
However, you can expect the following on an ongoing basis:
Develop your mastery of the field through the design and implementation of Buildkite’s continuous security monitoring and security incident response capability
Autonomously partner with cross-functional teams at Buildkite to recognise the evolving threat profile of the organisation and develop the security monitoring capability appropriately
Purposely work towards building a capability that is effective, efficient and one that you personally take pride in

You will be:

• Laying the groundwork for the security operations team with a goal to operationalise a continuous security monitoring and security incident response capability
• Monitor security alerts and events from various sources and respond promptly to security incidents, following the established incident management plan
• Build and nurture influential partnerships with key stakeholders, acting as a conduit between security and various cross-functional teams
• Define and refine the incident management plan based on emerging threats and evolving cybersecurity landscape

What you bring to the role
We understand people come in all shapes and sizes. Although we have attempted to list out the requirements for the role comprehensively, we still want to hear from you if you meet some but not all the requirements. You may bring to the role something we never knew we wanted or needed.

Need to have

• AU/NZ citizenship
• People first approach to solving security challenges
• Able to work remotely and independently with a growth mindset
• Operational experience with a SIEM and/or SOAR platform
• Demonstrate experience in security incident handling and security operations
• Possess an understanding of network protocols, systems, and infrastructure security principles
• Exhibit proficiency in analysing business and employee needs, recommending, and designing end-to-end security solutions
• Display strong incident management skills, effectively managing multiple incidents and driving results
• Participate in cross-functional security projects and initiatives, providing security expertise and guidance to ensure the secure implementation of innovative technologies and systems
• Possess excellent communication skills to collaborate with cross-functional teams and convey complex security concepts effectively

Nice to have

• Programming experience in either Ruby or Go
• Operational experience with an IaC (Terraform/OpenTofu) product
• Experience with software development paradigms such as source control management, continuous integration and continuous deployment
• Knowledge of security frameworks such as OWASP, NIST CSF, CIS Benchmarks, etc.
• Prior experience operating elements of the NIST 800-61 r2 CSIH guide
• One of the following Security certifications or equivalent associated with security operations:
• Offensive Security’s OSCP, OSDA or OSWE
• SANS’s GSOC or GMON
• AWS’s DevOps - Professional or Certified Security - Speciality
• Relevant experience with a Cloud platform such as AWS
• Relevant experience working in a SOC or MSP/MSSP
• Non-security related certifications are not a must but would be highly regarded

Permanent
About Us
We build tools to help the best software teams stay happy and productive. We’ve rethought how CI/CD should work and have built a platform that is fast, reliable, secure, and is able to scale to the needs of the most demanding high-growth tech companies including Shopify, Pinterest, Wayfair, Cruise, PagerDuty, Culture Amp, and Canva.
Buildkite is a differently shaped company that values work-life balance and supports staff to work the ways that make sense for them. From the beginning, our goal has been to build a company that is people-centered, supportive and just a little bit weird
We have some details at this link which you can fill in. You don’t need to complete every section, just send through any link or document you’re proud of that helps us understand your skillset. This doesn’t have to be a resume, but it can be. There’s also a section to write some words about you and why this role interests you if you like.
If you have any questions or if you’d like to find out more about working at Buildkite, please email careers@buildkite.com
Why Apply?
Small team, global impact
We believe small companies are beautiful, and that small teams can achieve big things. This makes everyone on the team an important part of Buildkite.
Flexible work hours
We don’t keep set office hours, so you can shift your hours around life’s commitments and non-work activities. Take time out of work for exercise, family or whatever life throws at you.
Support and growth
In a small but growing company, you’ll have the opportunity to work on a wide range of projects, and ship work that helps customers.
Work from anywhere
We’re a globally distributed company, and all our work happens remotely. Work from your home office, a co-working space, or your local cat café.
Benefits
Learning & development
Invest in your personal and professional development with a yearly budget to spend on travel, conferences, workshops, courses, and books.
Health cover
We’ll make sure that you and your family have access to comprehensive health and hospital cover, no matter which country you live in.
Parental leave
Take time out to set up a new family, with 6 months of paid leave if you’re the primary carer, and 3 months if you’re secondary. You can use it flexibly, change between primary and secondary, and take the same leave for a still birth. We also keep paying super/401k for 6 months if you take unpaid leave.
Home office & coworking
Set yourself up with a great work environment, either at home or in a co-working space. With a budget for a desk and chair, and a new computer as well as any other tech, we’ll get you ready to work effectively in your environment. Even if you choose to work from home you will have access to a co-working budget for the days you want to connect with your wider community.
Wellness & paid time off
Take care of your health and wellbeing away from the screen, with 6 weeks of paid leave per year, the ability to take time out of work for fitness, and a yearly budget to spend on things like yoga, climbing, personal training, or a day at the zoo.
Working at Buildkite has given me the freedom to grow and flourish in all aspects of my life, personally and professionally. I’m proud to be a part of such a passionate and supportive team.
ing (4)
ing Manager - Pipelines
& Senior - Pipelines self-serve
Java Developer - Test Analytics
Senior - Test Analytics - Insights
Operations (2)
Finance (2)
Sales & Customer Success (1)
People (1)
Marketing (1)
If you’ve got any questions or issues with the application process, please let us know.
Email careers@buildkite.co