Intuit
Senior Security Engineer - Security Event Analysis Team (SEAT)
Intuit, San Diego, California, United States, 92189
Senior Security Engineer – Security Event Analysis Team (SEAT)
We are seeking an experienced Senior Security Engineer to join our Security Event Analysis Team (SEAT), part of the broader Security Incident Response Team (SIRT), to help our organization respond to cyber‑attacks. The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains/methodologies, be able to respond quickly to attacks, restore services, and investigate the root cause. As a member of our SIRT, you will collaborate with other engineers to design and implement solutions, improve incident‑response readiness, and provide guidance and training to external teams.
Responsibilities
Oversee and promptly respond to escalated security events or investigations, activating the Security Incident Response Plan as required.
Provide on‑call support for critical severity issues, manage communications, and report incident status to appropriate stakeholders.
Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
Develop, maintain, and improve incident response plans, procedures, and playbooks to ensure swift action and regulatory compliance.
Present guidance and training on security best practices and incident response to organizational partners, ensuring alignment with business objectives and compliance requirements.
Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics best practices.
Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
Assess vulnerabilities, propose remediation strategies, and keep up‑to‑date on current and emerging security trends, threats, and countermeasures.
Qualifications
Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field (preferred).
Industry‑recognized professional‑level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP (advantageous).
3‑5 years of experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response.
1‑3 years of experience using scripting languages such as Bash, PowerShell, and Python.
Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, and Wiz.
Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS.
Experience using and defending public cloud services such as AWS, Azure, and GCP (IAM, CI/CD pipelines, network security, DLP).
Deep understanding of SIEM solutions such as Splunk and LogScale.
Strong analytical and problem‑solving abilities, focusing on identifying root causes and assessing risk exposure.
Exceptional communication skills, both verbal and written, explaining technical details to non‑technical audiences and fostering stakeholder relationships.
Self‑motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary.
Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline.
Profound knowledge of digital forensics technologies and methodologies, and expertise in the Security Incident Response Lifecycle according to frameworks such as NIST or SANS.
Adaptable and proactive, willing to take on various responsibilities and eager to continuously learn and upgrade skills.
Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response.
Compensation and Benefits
Expected base pay range for this position: $146,000‑$197,500 (Southern California). In addition to a cash bonus and equity rewards, benefits include health, dental, vision, and other standard Intuit employee benefits.
Location: San Diego, CA.
#J-18808-Ljbffr
Responsibilities
Oversee and promptly respond to escalated security events or investigations, activating the Security Incident Response Plan as required.
Provide on‑call support for critical severity issues, manage communications, and report incident status to appropriate stakeholders.
Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
Develop, maintain, and improve incident response plans, procedures, and playbooks to ensure swift action and regulatory compliance.
Present guidance and training on security best practices and incident response to organizational partners, ensuring alignment with business objectives and compliance requirements.
Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics best practices.
Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
Assess vulnerabilities, propose remediation strategies, and keep up‑to‑date on current and emerging security trends, threats, and countermeasures.
Qualifications
Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field (preferred).
Industry‑recognized professional‑level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP (advantageous).
3‑5 years of experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response.
1‑3 years of experience using scripting languages such as Bash, PowerShell, and Python.
Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, and Wiz.
Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS.
Experience using and defending public cloud services such as AWS, Azure, and GCP (IAM, CI/CD pipelines, network security, DLP).
Deep understanding of SIEM solutions such as Splunk and LogScale.
Strong analytical and problem‑solving abilities, focusing on identifying root causes and assessing risk exposure.
Exceptional communication skills, both verbal and written, explaining technical details to non‑technical audiences and fostering stakeholder relationships.
Self‑motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary.
Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline.
Profound knowledge of digital forensics technologies and methodologies, and expertise in the Security Incident Response Lifecycle according to frameworks such as NIST or SANS.
Adaptable and proactive, willing to take on various responsibilities and eager to continuously learn and upgrade skills.
Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response.
Compensation and Benefits
Expected base pay range for this position: $146,000‑$197,500 (Southern California). In addition to a cash bonus and equity rewards, benefits include health, dental, vision, and other standard Intuit employee benefits.
Location: San Diego, CA.
#J-18808-Ljbffr