Senior Security Engineer, Threat Detection & Response

Airbnb
Summary
Join Airbnb's Threat Detection and Response (TDR) team as a Senior Engineer to build, optimize, and grow security capabilities. You will define and execute on novel approaches to threat detection, containment, and mitigation, partnering with cross-functional teams to improve Airbnb's overall security. A typical day involves investigating security incidents, hunting for threats, building automation and detection models, and collaborating with engineering teams to build advanced detection solutions. You will identify infrastructure gaps and work with business partners to improve logging and detection. This role requires strong technical expertise in security operations, digital forensics, and data analytics. The position is US-remote eligible with occasional office work.
Requirements
- 5+ years of hands-on in-depth knowledge and technical experience in security operations including investigations, incident response, incident management, digital forensics, threat intelligence, threat hunting, and/or detection engineering
- Bachelor's degree in a related technical field or equivalent practical experience
- Self-motivated and creative problem-solver able to work independently with minimal guidance
- Ability to lead people in complex, ambiguous situations through influence and not authority
- Ability to work calmly and collaboratively in critical high-stress situations with expediency
- Outstanding organizational, prioritization, and multitasking skills
- Knowledge of and familiarity with the Cyber Kill Chain Framework and MITRE ATT&CK Framework and how these apply to the threat landscape
- Experience automating security detection and response
Responsibilities
- Perform investigations of security incidents using your knowledge of digital forensics and data analytics
- Use your coding, data analytics and investigation skills to hunt, detect and respond to threats
- Build automation and detection models to support identification of anomalous activity and response activities to mitigate threats at scale
- Hunt for threats in our corporate and production environments to proactively identify anomalous activity
- Work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and work closely with partner teams to carry out complex investigations
- Identify gaps in our infrastructure, and work with business partners to gain visibility through logging and detection
- Collaborate well with cross-functional partner teams, such as Legal, Privacy, and Engineering for efficient, large-scale response
Preferred Qualifications
- Experience in AWS services (EC2, S3, Lambda, RDS)
Benefits
- Bonus
- Equity
- Benefits
- Employee Travel Credits