Uncubed

Senior Security Engineer – Operational Infrastructure

Slack, San Francisco

Slack's cloud-based collaboration tools and services are used worldwide.


Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low-friction, high-impact security across everything we do.

As a member of the Slack Security Operations and Response Team, you are the first line of defense for all the people and parts that together make up Slack. You get out of bed every morning thinking about new ways to make life miserable for bad actors. You get excited at the prospect of searching for your adversary, teasing out high-quality signal from all the noise, and developing new ways to solve hard problems. Your work directly impacts the way millions of people, teams and businesses get things done.

Responsibilities:

  • Manage the infrastructure, tools and rules that keep the Security Operations and Response team running
  • Develop and implement strategies, creating and tuning tools for detecting and remediating malicious activity
  • Build solutions to detect and mitigate new malicious threats
  • Investigate alerts from detective telemetry and tune rules to increase fidelity
  • Perform retrospective analysis using artifacts from both network and host
  • Detect, respond to and investigate security events
  • Work in partnership with other teams at Slack to constantly improve our defensive posture
  • Participate in enterprise-wide operations to hunt for adaptable and previously unknown threats

Requirements:

  • Operational experience running servers in AWS or similar cloud environment
  • Experience managing security tools and server configuration
  • Experience tuning, improving and devising new ways to collect signal and identify suspicious events in an operational production environment
  • Experience working in an operational capacity, with expertise in at least one of: server, network, cloud, database
  • Experience with log or data analysis, extracting salient data points to improve detective capabilities
  • Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as MFA and token-based authentication
  • Intermediate knowledge of Python or similar

About Slack

Empathy. Courtesy. Playfulness. Craftsmanship. Solidarity — these are some of the values we live by, as a company. We work by them, too: we’re building a platform and products we believe in — knowing there is real value to be gained from helping people, wherever they are, simplify whatever it is that they do and bring more of themselves to their work.

We’re building a strong, diverse team of curious, creative people who want to find a purpose in their work and support each other in the process. We work hard and we play to win… within normal business hours. And then we go home.

That balance is important: It enables us to truly do the best work of our lives. As a result, we create a place where all kinds of work happens — and happens well — all while working alongside people we respect and admire.

Want to learn more about Slack? Visit https://slack.com/