Gong Senior Security Detections Engineer 
United States, California, San Francisco 
162526045

04.03.2025

As a member of security operations, you’ll play a key role in ensuring trust and security are core to day-to-day operations. This will be a hands-on position as we mature our security team, and you will be responsible for improving and automating our security operations practices.

RESPONSIBILITIES
  • Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against Gong’s enterprise environment
  • Develop new detection logic and tune existing sensors/security controls.
  • Actively research cybersecurity exploits, vulnerabilities, techniques, and tactics
  • Analyze and tune logs, events, and SIEM alerts, identifying trends and patterns that may require early action
  • Perform incident response investigations for escalated events on various workloads / systems
  • Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
  • Coordinate security investigations, endpoint containment, and other response activities with business stakeholders and support teams.
  • Work with security solution owners to assess the ability of the existing array of security solutions to detect/mitigate IOCs and TTPs.
  • Deploy and support tools to collect and correlate security telemetry.
  • Leverage automation & APIs where possible in support of SecOps, IR and the security program (as needed).
  • Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material.
  • Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
  • Generate reports for both technical and non-technical staff and stakeholders
  • Assist with internal and external audits relating to information security
  • Comply with HIPAA and SOC-II, Diversity Principles, Corporate Integrity, Compliance Program policies, and other applicable corporate and departmental policies.
QUALIFICATIONS
  • 7+ years of security operations experience
  • Experience with detection engineering, threat hunting and incident response in a cloud environment
  • Experience developing security automation with Python, AWS, and workflow automation tools
  • In-depth knowledge of SIEM (Security Information and Event Management) and data lakes such as Snowflake
  • Experience in developing custom content within Snowflake, including stored procedures, user-defined functions, and complex SQL queries against large datasets of endpoint and network telemetry
  • Building custom threat detection tooling and frameworks
  • AWS experience including GuardDuty, S3 storage, CloudTrail, etc.
  • Experience with Google Cloud Platform
  • Familiarity with attack frameworks and mitigation
  • Relevant security certifications such as GCDA and GMON are a plus
  • Research, build, and maintain detections for the latest threats identified through SIEM correlations, active/past incidents & threat intelligence sources
  • Ability to collect and audit logging capabilities of internal services, SaaS systems, and work with engineering teams in improving log visibility for Security Operations engineers
  • Experience building data ingestion pipelines for large (GB/TB) unstructured data volumes
  • Familiarity with the data normalization, cleansing and sanitization lifecycle
  • Experience dissecting an attacker's techniques & methodologies and translating them into custom detections is a plus
PERKS & BENEFITS
  • We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs.
  • Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
  • Mental Health benefits with covered therapy and coaching.
  • 401(k) program to help you invest in your future.
  • Education & learning stipend for personal growth and development.
  • Flexible vacation time to promote a healthy work-life blend.
  • Paid parental leave to support you and your family.
  • Company-wide recharge days each quarter.
  • Work from home stipend to help you succeed in a remote environment.