Cyber Defense and Incident Response Engineer (They/She/He)
Job description
Glovo's success and constant growth introduce complex challenges in defending our ecosystem. We are looking for a CSIRT Engineer to join our Cyber Defense team. Your mission is to be the shield of Glovo, ensuring we are not just ready to respond to threats, but proactive enough to hunt them down before they arrive. You will be a key player in building a "SOCless" future through high-level automation and sophisticated detection engineering.
- Be the First Responder: Support Digital Forensics and Incident Response (DFIR) efforts, conducting deep-dive investigations into security breaches and anomalies following the Cyber Incident Response Cycle.
- Architect Readiness: Design and maintain the playbooks and investigation methodologies that ensure Glovo is prepared for any security incident.
- Precision Monitoring: Create, validate, and fine-tune alerts to ensure high fidelity and low noise, turning raw logs into actionable intelligence.
- Automate & Orchestrate: Contribute to our "SOCless" ambition by building tooling and automation for incident response, reducing manual toil through smart orchestration.
- Hunt the Threat: Proactively "play the bad guy" by researching emerging threats and conducting threat-hunting exercises across our infrastructure.
- Manage the Pipeline: Cooperate with the management of our security log ingestion tools and SIEM to ensure full visibility across Glovo.
This voluntary demographic survey helps Glovo understand our pipeline and ensure that all candidates have equal opportunities during the entire hiring process.
This survey also allows us to improve our process and systems, ensuring we build a more inclusive company. If you decide to voluntarily share your personal information with us, all the information you provide will be, under all circumstances. Find out more about our Identity Survey and Statement here.
In case the recruitment process does not end with the establishment of a labour relationship between the applicant and the Controller, the Controller will retain the applicant's data for a period of 2 years from the date of the last communication, issued either by You or the Controller, declaring the end of the recruitment process without sending and/or accepting the possible offer. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified, cancelled or erased, and/or to request that processing of your personal data be limited.
You also have the right to data portability. In addition, in case you consider your rights have been violated, you may lodge a complaint with an EU supervisory authority.
Requirements
- The Responder's Mindset: Experience in Incident Response and Digital Forensics is a plus.
- Cloud Proficiency: Desirable operational experience with AWS; you know how to track an adversary through cloud-native logs.
- Coding Skills: Experience in Python (or Golang) to automate responses and build custom security tooling.
- Detection Engineering: A knack for threat monitoring and fine-tuning alerts to find the needle in the haystack.
- Proactivity: Curiosity to learn about Threat Hunting, with an understanding of the MITRE ATT&CK framework, among other security topics.
- Communication: Good written and communication skills to support post-mortem discussions and document complex incidents clearly.
Nice-to-Haves
- Relevant certifications (GCIH, GCFA, GNFA, or AWS Certified Security - Specialty).
- Experience with SOAR (Security Orchestration, Automation, and Response) platforms.
- Knowledge of data privacy regulations and security protocols related to data breaches.
Individuals representing diverse profiles and abilities, encompassing various genders, ethnicities, and backgrounds, are less likely to apply for this role if they do not possess solid experience in 100% of these areas. Even if it seems you don't meet our musts, don't let it stop you: we are all about finding the best talent out there! Skills can be learned, and embracing diversity is invaluable.
Benefits & conditions
- An enticing equity plan that lets you own a piece of the action.
- Top-notch private health insurance to keep you at your peak.
- Monthly Glovo credit to satisfy your cravings!
- Discounts on transportation, food, and even kindergarten expenses.
- Discounted gym memberships to keep you energized.
- Extra time off, the freedom to work from home two days a week, and the opportunity to work from anywhere for up to three weeks a year!
- Enhanced parental leave, and office-based nursery.
- Online therapy and wellbeing benefits to ensure your mental well-being.
Here at Glovo, we thrive on diversity, we believe it enhances our teams, products, and culture. We know that the best ideas come from a mashup of brilliant diverse minds. This is why we are committed to providing equal opportunities to talent from all backgrounds - all genders, racial/diverse backgrounds, abilities, ages, sexual orientations and all other unique characteristics that make you YOU. We will encourage you to bring your authentic self to work, fostering an inclusive environment where everyone feels heard.
Feel free to note your pronouns in your application (e.g., she/her/hers, he/him/his, they/them/theirs, etc).
So, ready to take the wheel and make this the ride of your life?
Delve into our culture by taking a peek at our Instagram and check out our LinkedIn and website!