Security Engineer- Incident Response Lead
Do you want to make the world a healthier place?
Take the next step in your career at Fitbit.
At Fitbit, our mission is to help people lead healthier, more active lives by empowering them with data, inspiration and guidance to reach their goals.
We started our journey in 2007—as a team of two with one big idea. Since then, we’ve grown to over 1,500 employees, sold over 60mm devices, and built a health and fitness community across the globe. In fact, the Fitbit Community has taken enough steps to walk from the Sun to Pluto! Offering award-winning products, a top-rated mobile app and an easy-to-use online dashboard, Fitbit provides personalized experiences that help our users reach their goals. With a reenergized focus on innovative devices, interactive experiences, and enterprise health we are transforming the way consumers and businesses see health & fitness.
From your first steps as a Fitbitter, you will be at the forefront of developing new products. Our culture combines the spirit of startup with the perks of being public. We offer a competitive benefits package and amazing perks like unlimited snacks, Friday happy hours, onsite workout classes, and a strong focus on a healthy work-life balance. As part of our team, you’ll have the opportunity to grow your career, contribute your ideas to life-changing products and services, and—above all—have fun doing it.
Fitbit’s HQ campus is located in the heart of San Francisco with office locations in Boston, San Diego and around the world. Think you’ve found your fit?
What you’ll do:
The information security team exists to create a culture of information security within Fitbit to ensure that our data and our customer's data remain safe.
We aim to achieve this by looking for innovative solutions that allow the business to deliver at scale and velocity.
Own Our Incident Response Processes
- Take control of incident response at Fitbit and be the key contact person in the event of a major incident
- Improve our incident response processes and procedures
- Mentor and develop the team members on our incident response team
- Monitor output from anti-malware tooling
- Understand and monitor our applications for signs of compromise
- Develop tooling to help facilitate ongoing low false-positive monitoring
- Integrate into our change management processes to detect unauthorized change
- Understand and monitor our production and corporate infrastructure for signs of compromise
- Triage and escalate alerts
Respond to Incidents
- Assist with investigations into suspected incidents
- Create processes and tooling to increase the efficiency of the response process
Identify Opportunities for Improvement
- Assist the information security team to identify better ways of achieving their mission
- Assist with the development and integration of incident detection and response tools
- Assist with the development and integration of security incident prevention tools
Skills, experience and knowledge that this team will rely on
- Operating system and systems administration skills
- Malware analysis
- Log file analysis
- Understanding of how web applications operate
- Understanding of how databases operate
- Understanding of the way that agile development shops operate
- Core network protocols such as TCP, UDP, DNS, HTTP, TLS
- Java and Python software development
- Linux process and system monitoring facilities
- Windows and OSX administration
Interactions with other teams
The incident response team is responsible for all of the day-to-day tasks that keep our security monitoring infrastructure alive and well. They run our monitoring tools and deal with the output from those tools. They will mainly interface with other members of the information security team. Depending on the issue they are trying to solve they may also need to work with the Corporate IT and Infrastructure Engineering teams.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
consumer tech, wearables, health & wellness
Company Type: Public Company
Company Size: 1,001-5000