Security Engineer

About Opendoor

Founded in 2014, Opendoor's mission is to empower everyone with the freedom to move. We believe the traditional real estate process is broken and our goal is simple: build a digital, end-to-end customer experience that makes buying and selling a home simple, certain and fast. We have assembled a dedicated team with diverse backgrounds to support more than 100,000 homes bought and sold with us and the customers who have selected Opendoor as a trusted partner in handling one of their largest financial transactions. But the work is far from over as we continue to grow in new markets. Transforming the real estate industry takes tenacity and dedication. It takes problem solvers and builders. It takes a tight knit community of teammates doing the best work of their lives, pushing one another to transform a complicated process into a simple one. So where do you fit in? Whether you're passionate about real estate, people, numbers, words, code, or strategy - we have a place for you. Real estate is broken. Come help us fix it.

About the Team

The Security Operations team at Opendoor focuses on identifying and protecting assets, detecting anomalies and attacks, responding to compromise, and recovering from asset compromise in order to return the business to a steady state. The scope of the Security Operations team includes Application Security, Detection Operations, Incident Response, Infrastructure Security, Penetration Testing, Vulnerability Management, and Threat Intelligence. 

As a Security Engineer, you will be responsible for implementing and maintaining all aspects of Security across applications and cloud infrastructure. Your primary focus will be to monitor and analyze the organization's cloud and IT infrastructure, networks, and systems for potential security threats, as well as respond to and mitigate security incidents effectively. You will collaborate with cross-functional teams to develop and maintain incident response procedures, as well as contribute to the continuous improvement of the organization's security posture.  Further you will work with telemetry regarding vulnerability management and assist in triaging vulnerabilities.

What You'll Do:

• Detect, respond to and remediate security events
• Design and Build automation for the detection, investigation and remediation of security events across Opendoor 
• Manage and coordinate Incident Response functions
• Act as a first responder to both internal and external security notifications
• Work with stakeholders throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools.
• Translate threat bulletins into actionable detections
• Create and continuously tune detection use cases, rules and analytics using best-practice frameworks such as MITRE ATT&CK.
• Create and maintain relevant incident response playbooks and documentation on cyber defense techniques and reports
• Maintain vulnerability telemetry and triage vulnerabilities.

We’re looking for someone who has:

• 2+ years of commercial experience in incident response and threat hunting
• Knowledgeable in detection engineering, endpoint detection and response tooling, intrusion detection, threat hunting, common IOCs/TTPs, MITRE ATT&CK, and initial access techniques.
• Experience in security event management and orchestration (SIEM / SOAR).
• Experience in tooling that is common to the DFIR space (e.g., Splunk, Crowdstrike, Nessus, Palo Alto Prisma, HackerOne, Okta, etc.)
• Incident Response experience in the Cloud (AWS, Azure) and on MacOS and Windows devices
• Vulnerability management experience
• Excellent communication and interpersonal skills, with the ability to interact with stakeholders at all levels.
• Strong analytical and problem-solving skills, with the ability to make decisions under pressure.
• Experience in automation with Python, Bash, Go or similar languages

Bonus if you have:

• An understanding of the value of usability and buy-in when it comes to security policy and practices
• DFIR expert: You have deep experience in all aspects of incident response.
• A love of instrumentation
• Passion for automation
• Love for security at work and outside of work. As shown by: presenting at a known security conference, contributing to or creating open source security tools, contributing to the security community in general, etc

Here’s the Deal:

• Work in the city center in a fun, non-corporate environment
• Competitive compensation package that includes - a monthly base salary from 16k PLN to 23k PLN, plus RSUs and annual bonus
• Choose the contract type that suits you best (employment or B2B)
• Enjoy 26 days of paid holiday on a B2B contract
• Private medical healthcare
• MultiKafeteria perks for sports, movies, and shopping vouchers