Security Engineer (Incident Response) @ Instructure Hungary Ltd Budapest

Security Engineer (Incident Response) @ Instructure Hungary Ltd

Budapest

Qualifications (Required):

• Bachelors degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• Proven experience in a security role with a strong focus on incident response and security engineering.
• Demonstrated experience leading incident response for a SaaS product company.
• Strong understanding of common attack techniques, tactics, and procedures (TTPs).
• Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, Elastic SIEM, Microsoft Sentinel) and developing detection rules.
• Familiarity with Endpoint Detection and Response (EDR) solutions.
• Proficiency in at least one scripting language (e.g., Python, Go, etc).
• Excellent analytical, problem-solving, and communication skills.
• Proven ability to write clear and concise documentation.
• Strong communication skills in English.

Qualifications (Preferred):

• Relevant industry certifications (e.g., SANS GCIA, GDAT, GCIH, Offensive Security certifications).
• Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
• Familiarity with container security and serverless technologies.
• Experience with version control systems (e.g., Git).

This position includes participation in an on-call rotation

At Instructure, we believe in the power of people to grow and succeed throughout their lives. Our goal is to amplify that power by creating intuitive products that simplify learning and personal development, facilitate meaningful relationships, and inspire people to go further in their education and careers. We do this by giving smart, creative, passionate people opportunities to create awesome. 
And thats where you come in:

The Security Engineer, Incident Response, is a technical role responsible for leading and executing the organizations response to cybersecurity incidents. This position is a cornerstone of our security program, requiring a professional with deep experience in incident response, especially within SaaS product environments. The ideal candidate will not only be an expert in handling security incidents but also a proactive contributor to our overall security engineering initiatives. A key aspect of this role is the ability to develop and maintain clear, comprehensive documentation for security procedures and processes as they pertain to the incident response processes.

,[Lead and direct all phases of the incident response lifecycle, from initial detection and triage to containment, eradication, and post-incident analysis and review., Conduct in-depth forensic analysis of security incidents to determine the root cause, assess the impact, and define the scope of the incident., Collaborate with engineering and product teams to develop and implement effective containment and eradication strategies for SaaS environments., Coordinate recovery activities to ensure the timely and secure restoration of impacted systems and services., Support design, develop, and implement robust detection rules and signatures across our security toolset (e.g., SIEM, EDR, WAF, CSPM) to proactively identify malicious activity., Continuously refine and optimize detection rules to minimize false positives and enhance the accuracy of our security alerts., Evaluate and recommend new security technologies and methodologies to enhance our security posture., Create and maintain detailed documentation for all incident response procedures, playbooks, and runbooks., Develop and document security best practices and guidelines for engineering and product teams., Contribute to the creation and maintenance of our overall security knowledge base., Schedule and manage tabletop exercises to test and refine our incident response capabilities., Document the results of tabletop exercises and track the remediation of any identified gaps., Provide training and guidance to junior analysts and other team members on incident response and security best practices.] Requirements: Security, incident response, security engineering, TTPs, SIEM, Splunk, EDR, AWS, Python, Go Additionally: International projects, Small teams, Flat structure, Free coffee, Bike parking, Playroom, Shower, Free snacks, Free beverages, Free parking, In-house trainings, In-house hack days, Modern office, Startup atmosphere, No dress code, Free breakfast, Hack-weeks, Employee assistance program.

Kategorie

security

Odpovědět na inzerát