Squarespace is looking for a Senior Security Engineer to work alongside a dedicated team responsible for monitoring and responding to attacks across Squarespace and its subsidiaries. The ideal candidate will play a crucial role in enhancing our security posture by developing robust playbooks, crafting effective alerts, and actively participating in the triage and response to security incidents. You will work closely with teams across the organization to build processes that secure the platform powering millions of websites. You’ll act as a subject matter expert on threat detection and response across the entire organization.
This is a hybrid role working from our Dublin office 3 days per week. You will report to our Security Engineering Manager.
You'll Get To…
1. Respond to ongoing incidents, investigate historical compromises, and provide adept analysis and findings
2. Define strategies for threat detection, alerting, and response; implement strategies in cooperation with engineering teams
3. Define processes and automate workflows to respond to security events and incidents
4. Architect, implement, support, and evaluate in-house and third-party security-focused tools and services
5. Work with and communicate with a diverse range of colleagues and teams to detect and respond to attacks
6. Maintain comprehensive documentation for playbooks, alerts, and incident response procedures
7. Generate regular metrics and reports on the effectiveness of detection mechanisms, incident response times, and key performance indicators
8. Participate in tabletop exercises and simulations to ensure the organization’s preparedness for various incident scenarios
Who We're Looking For
1. 4+ years of experience managing security incidents and/or experience working in a Detection & Incident Response team or equivalent function
2. Strong coding background, with proficiency in Python or Node.js
3. Proven experience in proactively searching for and identifying potential threats within the environment
4. Familiarity with container technologies such as Docker and Kubernetes
5. Experience protecting against and mitigating real-world attacks (DDoS, Phishing, Brute Force/Credential Stuffing, Fraud/Abuse, etc.)
6. Industry-recognized certifications such as CISSP, GIAC, or Offensive Security Certified Professional (OSCP) are preferred