Druva enables cyber, data and operational resilience for every organization with the Data Resiliency Cloud, the industry’s first and only at scale SaaS solution. Customers can radically simplify data protection, streamline data governance, and gain data visibility and insights as they accelerate cloud adoption.

Druva pioneered a SaaS-based approach to eliminate complex infrastructure and related management costs, and deliver data resilience via a single platform spanning multiple geographies and clouds. Druva is trusted by thousands of enterprises, including 60 of Fortune 500, to make data more resilient and accelerate their journey to the cloud.

Visit druva.com and follow us on LinkedIn, Twitter and Facebook. 

The Team

The Druva Cyber Defense Team is responsible for intrusion detection, security incident response, cyber threat intelligence, and adversarial emulation across our global production and corporate environments. We partner closely with various business units to collaboratively solve security challenges facing our customers and employees.

We’re seeking experienced professionals with a proven track record building security tools, fostering trust, and mentoring security personnel.

The Role

As a Sr. Staff Detection & Response Engineer, you will be responsible for executing and influencing the threat detection and incident response tooling roadmaps at Druva. You will contribute to assessment of gaps in current capabilities for workload execution visibility, log collection/storage, and threat detection at all layers. You will also contribute to assessment of acquisition, collection, storage, and analysis of forensic data. The majority of the role is implementing tools to fill the identified gaps. These projects will require knowledge of scripting and cloud services.

You will mentor less experienced personnel, delegate tasks calibrated for their experience and skills, and provide constructive feedback. You will serve as a role model for respectful and collaborative interactions with other teams.

You will participate in alert triage and investigation, and security incident response as required. Experience commanding security incidents is a big plus.

Qualifications

Successful candidates will likely have several of the following characteristics:

• 10+ years experience, with +5 in incident response and/or forensics
• Security incident response against hands-on-keyboard adversaries
• Experience building tools on top of AWS services (preferred) or another major Public Cloud Provider
• Experience scripting with Python or Go
• Clear and empathetic communication
• Adept at working in global, distributed teams, with diverse culture
• A degree in computer science, information security, or a related field, or equivalent foundational knowledge gained through experience

The following characteristics are will be considered a bonus:

• Experience defending SaaS environments
• Experience as “incident commander” for large security incidents
• Deep knowledge in forensics and/or malware analysis
• Experience with open-source tools such as Sleuthkit, Falco, Volatility, Plaso, Velociraptor, GRR, etc