Grammarly is hiring a
Security Engineer

Summary

Join Grammarly's Detection and Response (DART) team as a Security Engineer to safeguard digital assets, ensure robust security posture, and innovate with our engineers and researchers.

Requirements

• Has a minimum of 10 years in cybersecurity, with a focus on detection and response
• Is proficient in SIEM platforms and scripting languages (Python) and has familiarity with SOAR tools
• Has hands-on experience combating adversaries of varying sophistication (script kiddies to APT)
• Has a foundational understanding of Corporate Security, including Mac endpoint security and Crowdstrike EDR
• Has professional experience with a commercial SIEM (Sumologic preferred)
• L1, L2 SOC experience or 'SOC-less' model (MDR, etc.)
• Can define detection strategies and multi-quarter roadmaps
• Has strong expertise in incident handling and forensic investigation, with a proven track record of managing complex security incidents
• Has excellent analytical and problem-solving skills, with the ability to think critically under pressure
• Demonstrates strong verbal and written communication skills, capable of interacting with technical and non-technical stakeholders alike
• Has relevant industry certifications such as CISSP, GCIA, GCIH, or equivalent
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks
• Has strong communication skills and can explain complex security issues in understandable terms
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team

Responsibilities

• Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities within our environment
• Perform forensics and spearhead response efforts during security incidents. This includes triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution
• Continuously tune our alerting rules to reduce false positives and enhance our signal-to-noise ratio, ensuring our detection systems are both effective and efficient
• Participate in our team’s on-call rotation, providing expert guidance and rapid response to security incidents as they arise
• Assist with the definition, creation, and maintenance of SIEM (Security Information and Event Management) detection rules and dashboards to provide clear, actionable insights
• Streamline our security operations by authoring comprehensive runbooks, writing automation scripts, and building SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times
• Improve our overall Incident Response process and ensure our readiness against adversaries
• Actively work to burn down the detection backlog, enhancing our detection coverage and accuracy across all monitored systems and applications
• Develop advanced detection strategies and tactics
• Collaborate on project and roadmap planning

Benefits

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching
• Paid parental leave
• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and unlimited sick days
• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
• Annual professional development budget and opportunities