About the role:
As a member of our Security Operations Team, you will collaborate with a global team of engineers to monitor and respond to security events, lead security incidents as Incident Commander, and lead digital forensic investigations in support of Employee Relations, Legal, Compliance, or Information Security cases.
Although you will be focused on security incident response, you will also have the opportunity to create and maintain runbooks and automated workflows, and to assist in process refinement and implementation. You will collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner.
This is a remote position open to candidates residing in the Pacific Time Zone, Mountain Time Zone, or Central Time Zone of the United States. This position requires working hours in PST.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, and countless opportunities to experiment and master your craft in a hyper-growth environment.
- You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best.
In this role, you will:
- Monitor security events and provide technical analysis on alerts
- Lead information security incidents and employee investigations by developing the incident response strategy, leading the execution through incident closure, and providing incident updates to key stakeholders throughout the incident
- Deliver security guidance clearly and concisely for incident response and insider threat initiatives
- Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations, incident response, and insider threat
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
Minimum requirements for the role:
- 4+ years of experience in Security Incident Response
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
- Ability to build scripts or tools to support Samsara’s investigation processes, with proficiency in Python
- Mentor and train security operations engineers on data collection, analysis, and reporting of technical analysis
- Practical experience acting as a lead during security incident response, including triage and coordinating across teams
- Understanding of analysis and forensics techniques on macOS, Windows, and Linux
- Experience utilizing SIEM tools to perform log reviews
- Experience in cloud architecture and security (AWS, GCP) and cloud-based services
- Must reside in the Pacific Time Zone, Mountain Time Zone or Central Time Zone of the United States
An ideal candidate also has:
- 4+ years of experience working on insider threat initiatives or employee investigations
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
- GIAC Certified Incident Handler (GCIH) Certification
- Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO 27001, FedRAMP