Senior Security Engineer, Incident Response

Job content

Awesome tech is made by awesome people. And we’re always looking for new team members who bring the energy, passion, commitment, and collaboration that has made Auth0 the great company it is today.

So what do we exactly build? Auth0 is an authentication and authorization platform designed by developers, for developers. Basically, we make companies’ login boxes safe, secure, and seamless for anyone logging in. Our mission is to secure the world’s identities so innovators can innovate. But it’s a big mission that requires a lot of teamwork.

Words, code, or people, whatever your skill, there’s a place for you here.

We are a Security company and Auth0’s Security team is in the privileged position of supporting a Security-first culture for a company that wants to make the internet safer.

Do you enjoy working on a blue team with a group of highly motivated and skilled engineers all huddled together in a video call hunting for evidence of exploitation in logs, comparing your findings with the group, and bouncing ideas off of each other? Perhaps you enjoy working with others to build and deploy complex security systems on quarter long projects where you will face various challenges and get to play with the latest security technology? If so, then then you’ve found the right career at the right company.

Two of our key values at Auth0 are: N+1>N and One Team One Score. Whether you are a junior or a 10 year veteran to security engineering, you will have numerous opportunities to learn and grow as an engineer on our team as we are a highly collaborative group.

We are looking for a technical and hands-on Incident Response Engineer who is passionate about protecting Auth0’s customers, employees and brand. The successful candidate will have a mix of deep technical knowledge, and a demonstrated background in information security.

In This Role You Will

• Respond to and act as incident commander for security incidents. Proactively consider how to prevent the same type of incidents from occurring in the future.
• Use your experience and security intuition to hunt for threats across enterprise and production environments. If we’re missing important data we need, go get it!
• Act as an escalation point for automated alerts.
• Perform variant analysis and root cause analysis to find systematic bugs.
• Develop creative solutions to complex security problems which balance business needs and risk.
• Maintain current knowledge and skills to keep up with the rapidly changing threat landscape.
• Perform regular on-call responsibilities, including fulfilling various incident response team roles.
• Work together with other security engineers and stakeholders to architect and deploy enterprise security solutions.
  

Our Ideal Candidate Will

• Have 3-5 years working in a high-demand security team.
• Have a Bachelor’s/Master’s in Computer Science or equivalent.
• Have excellent English language skills, both written and verbal.
• Have strong demonstrable knowledge of common attack vectors.
• Have familiarity/experience with AWS & Azure services and security concepts.
• Have experience with common Linux / Mac OS command line, security monitoring, log analysis and forensic tools.
• Have ability to work with a high degree of autonomy.
• Have experience working an on-call rotation.
• Have familiarity/experience with osquery.
• Have a passion to learn and thrive in a dynamic and constantly changing environment.
• Have excellent analytical thinking, time management and coordination skills.
• Be currently located in the the United Kingdom, Spain or Poland.
  

Bonus Points For

• Experience working as a senior part of a Computer Security Incident Response Team (CSIRT) or Security Operations Team.
  

Examples Of Our Engineering Culture

• https://auth0.com/blog/how-auth0-automates-phishing-response/
• https://www.tines.io/blog/alert-automation-response-with-auth0
• https://www.tines.io/blog/security-chat-ops-with-auth0
• https://auth0.com/blog/how-we-hire-engineers/
• https://auth0.com/blog/how-auth0-automates-phishing-response/
• https://auth0.com/blog/fantastic-public-s3-buckets-and-how-to-find-them/
• https://auth0.com/blog/guardians-of-the-cloud-automating-response-to-security-events/
  

Preferred Locations:

• #UK; #ES; #PL;
  

Auth0 makes the internet safer by safeguarding billions of login transactions each month.

Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work . Culture is critical to us, and we are transparent about our vision and principles . We practice N+1>N which applies to everything from our people to how we iterate our tech; we believe in one team, one score; and we give a shit about everything we do.

Research shows that candidates from underrepresented backgrounds often don’t apply unless they meet all the job criteria. We aren’t looking for someone who ticks every single box on a page; we’re looking for lifelong learners and people who can make us better with their unique experiences. If you think you’d be a great fit, then please get in touch to tell us about yourself.

Auth0, recently acquired by Okta, is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.