Security Engineer, Threat Detection and Response, Blockchain

Security | Menlo Park, CA - Washington, DC
Apply Now

About Calibra

Calibra is building a hub of financial services, products and solutions that connect everyone, everywhere, creating greater opportunity for all. Its technical foundation is the open-sourced Libra blockchain network. Libra’s mission is to create a simple, borderless global currency and financial ecosystem that empowers billions of people.

Our team is looking for a Threat Detection and Response Engineer with a variety of experiences in the discovery, containment, and mitigation of security threats to our networks, hosts, and products. You will be identifying needed signal, building advanced and novel detection mechanisms, building automated workflows, performing hunts, and building automated remediation aligned to common and specific tactics, techniques, and procedures of our threats. We are looking for people that love building, hunting for malicious activity and intrusions, developing new methodologies to detect this activity, and the thrill of responding when an incident occurs.

Responsibilities

  • Own and drive the detection and response lifecycle for one or more key coverage areas
  • Hunt for badness in our infrastructure: proactively identify malicious activity that we are not currently able to detect
  • Analyze logs, packets, and alerts for signs of malicious activity
  • Create signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Support incident response by investigating security intrusions
  • Drive implementation of countermeasures, mitigations, and containment

Minimum Qualifications

  • Bachelors degree or equivalent experience in Security
  • Knowledge of networking technologies, specifically TCP/IP and the related protocols
  • Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures

Preferred Qualifications

  • Background in malware analysis, intrusion detection, investigations, incident response, and/or threat intelligence
  • Experience with rule-driven and analysis-driven network platforms like Bro and Suricata
  • Experience hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
  • Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux and virtualized environments
  • Fintech industry experience
  • Crypto currency investigations and response
  • Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Host and memory forensics, Network forensics, Incident Management or Detection and/or response tool development