Security Engineer - Incident Response

Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low friction high-impact security across everything we do.

As a member of the Slack Incident Response Team, you are the first line of defense for all the people and parts that together make up Slack. You get out of bed every morning thinking about new ways to make life miserable for bad actors. You get excited at the prospect of searching for your adversary, teasing out high-quality signal from the all the noise, and developing new ways to solve hard problems. Your work directly impacts the way millions of people, teams and businesses get things done.

Responsibilities

  • Detect, respond to, investigate and remediate security events, driving all aspects of an incident to closure
  • Develop and implement strategies, creating and tuning tools for detecting and remediating malicious activity
  • Work in partnership with other teams at Slack to constantly improve our defensive posture
  • Investigate alerts from detective telemetry and tune rules to increase fidelity
  • Perform retrospective analysis using network, host, memory, and other artifacts from multiple operating systems and applications
  • Participate in enterprise-wide operations to hunt for adaptable and previously unknown threats

Requirements

  • Experience tuning, improving and devising new ways to collect signal and identify suspicious events in a corporate and production environment
  • Experience with log or data analysis, extracting salient data points to determine an event’s impact and root cause
  • Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as MFA and token-based authentication
  • Experience working in an operational capacity, with expertise in at least one of: server, network, cloud, database
  • Strong forensic experience with one or more major operating systems (Windows, OS X, or Linux)
  • Intermediate knowledge of Python or similar

Meet Some of Slack's Employees

Gina J.

Sr. Customer Success Manager

Gina works with Slack’s clients at a high level to ensure that they’re getting the most value from the product and having a positive experience overall.

Joann A.

Director, Application Engineering

Joann is responsible for running a team of twelve Slack Application Engineers. She works hard to support them in their positions and career trajectories and ensures that they have everything they need to build awesome products.


Back to top