Security Incident Response Engineer

Twitch is looking for exceptional candidates to join our Security Incident Response Team (SIRT). Our SIRT’s mission is to help Twitch find, communicate about, handle, recover from, and learn from security incidents. We established our SIRT by hiring a leader responsible for building the technical security incident response program and for growing security talent we attract to it, who has done both before. Now we’re ready to staff the team.

If you're already on a SIRT or doing similar work, we hope you’ll consider joining our SIRT. If you're looking to progress in your career in information security, and have experience in security monitoring, incident handling, threat intelligence, and/or digital forensics, we encourage you to apply for this job. We find security generalists and people with exposure to related fields to be highly effective; if you think your skills align well with even some of what you think security incident response at Twitch might be, given our mission, we encourage you to apply for this job.

We would like our first hire or two to work with us at Twitch's headquarters in San Francisco, and are prepared to help make that happen. But we also know that this limits who we can hire. If you'd like us to consider you for a remote SIRT position when we're ready to accommodate that, we encourage you to apply for this job.

Please consider the responsibilities detailed below to be a mix of expectations and opportunities. We don’t expect everyone to already be great at everything. Everything sound great except for one or two things? Please ask about them. Want to support our team without being on it? Please consider other security roles at Twitch.

Responsibilities & Opportunities

  • Participate in an on-call rotation that includes your peers on the SIRT and the SIRT manager
  • Qualify reports or alerts of activity as security incidents using clear guidelines that establish what a security incident is
  • Evaluate the potential and realized impact of security incidents to Twitch
  • Analyze threat actor tactics, techniques, and procedures
  • Perform malware analysis, host forensics, and network forensics
  • Participate in information sharing groups; communicate securely and responsibly
  • Write and follow clear runbooks so that our work can be accountable, repeated, measured, and improved
  • Communicate with peers and leadership about who did what to what, when, with what potential and realized impact, how we discovered it, and how we’re handling it
  • Coordinate security incident response activities with affected teams to do the right thing for our customers and our organization
  • Learn from incidents, not dogma; share SIRT data with the Security organization and with Twitch
  • Identify detective and preventative technology and automation to reduce the impact of security incidents to Twitch
  • Build, deploy, tune, and automate the detective and preventative technology and automation you select with help from dedicated Security Architecture, Security Engineering, and Application Security teams


  • 5+ years relevant experience doing information security work or equivalent BS degree in Information Security, Information Systems, Computer Science, Computer Engineering, or other related fields
  • Strong demonstrated knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
  • Automation experience using scripting or programming languages (Go, Python, Ruby, Shell, Perl, etc.)
  • Well-rounded background in cloud, host, network, and application security
  • Ability to prioritize multiple tasks and projects in a dynamic environment
  • Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business

Bonus Points

  • MS degree in Computer Science, Computer Engineering, Electrical Engineering, or 8+ years’ equivalent technology experience
  • Previous experience coordinating responses to security incidents
  • Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills
  • Extensive knowledge of internet security issues and threat landscape


  • Full benefits, including medical, dental, vision and life
  • 401(k) savings plan with a company match
  • Catered daily lunch and dinners (and hearty breakfasts three times a week)
  • Unlimited snacks and drinks
  • Monthly in-office massages
  • Corporate gym membership
  • Commuter Benefits
  • Flexible time off policy
  • Weekly happy hours and opportunity to attend one gaming event or tournament
  • Top of the line technology to help you build your own workspace

About Twitch

Twitch is the world’s leading video platform and community for gamers, with more than 100 million visitors per month. We connect gamers from around the world by allowing them to broadcast, watch, and chat with each other. Twitch’s live and on-demand video platform forms the backbone of a distribution network for video game broadcasters including pro players, tournaments, leagues, developers and gaming media organizations. Twitch is leading a revolution in gaming culture, turning gameplay into an immersive video experience. Learn more at http://twitch.tv.

We are an equal opportunity employer and value diversity at Twitch. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Back to top