Detection and Response Engineer in Denver, CO

Gusto

Denver, CO 80202

Industry: Enterprise Technology

5 - 7 years

Posted 56 days ago

Gusto is fundamentally changing how the world works by empowering small business employers to put people first. Gusto reimagines payroll, benefits, and HR by automating the most complicated and impersonal business tasks and making them simple and delightful.

Gusto processes billions of dollars in payroll for hundreds of thousands of employees.

Additionally, our clients trust us with personally identifiable information (PII) and protected health information (PHI), including customers' SSNs, EINs, salaries, home addresses, and health-related information. Protecting our clients' PII and PHI is one of the top considerations in anything we do at Gusto.

Here's what you'll do day-to-day:

  • Take the lead on threat hunting, indicator of compromise (IOC) analysis, and incident response
  • Help implement and fine-tune our security tools, such as endpoint protection, SIEM, vulnerability assessment, and cloud security monitoring
  • Work closely with other internal security teams, engineering teams, and our MSSPs to address the most severe security alerts and incidents, including the full cycle of detection, analysis, containment, eradication, recovery, and post-mortem improvement
  • Use software to automate enforcement of security policies across the entire Gusto organization

Here's what we're looking for:

  • 4+ years in a security analysis or operations role
  • Experience with incident response, either in-house or through an outsourced service provider
  • Ability to partner closely with cross-functional internal stakeholders, like IT, compliance, HR, and legal teams
  • Someone who is always thinking about attack vectors in which PII and PHI can be compromised
  • Experience with AWS and scripting languages
  • 2+ years of hands-on experience operating in a cloud environment (AWS or GCP)
  • Experience with infrastructure as code (e.g. Terraform, Chef, or Puppet)
  • Nice to haves: Osquery, Splunk, ELK (Elasticsearch, Logstash, Kibana), Google Cloud/GCP


Valid Through: 2019-11-12