Principal Security EngineerApplyApply Later Location Kirkland, Washington Additional Locations Kirkland, Washington, United States of America
GoDaddy powers the world's largest cloud platform dedicated to small, independent ventures. With 19 million customers worldwide, GoDaddy is the place people come to name their idea, build a professional website, attract customers and manage their work. Our mission is to empower entrepreneurs everywhere, making opportunity more inclusive for all. To learn more about the company visit www.GoDaddy.com.
We’ve adapted our hiring process in response to COVID-19. To learn more about what GoDaddy is doing differently click here.
As a Sr. Security Engineer in our Threat and Response organization, you will be responsible for writing code, automating and conducting various threat intelligence operations such threat actor profiling, OSINT gathering, and reverse engineering malware. You will also craft processes and playbooks for various Threat related tasks.
Enable and lead automated ingestion of threat data into TIP from commercial vendor APIs as well as from internal GoDaddy technologies.
Develop workflows and playbooks utilizing TIP to parse, format, and tag imported threat data, create new data objects, and define data object values and metadata.
Enable TIP to automatically disseminate select threat data to GoDaddy security appliances, including writing custom scripts as well as working with off-the-shelf integrations/apps.
Partner with other cyber security and information technology teams to document processes and technologies, define requirements/use cases for TIP integration, and collaborate on user acceptance and systems integration.
Undertake analysis and monitoring of security feeds and other open source intelligence in order to research and gather information on trending threats, vulnerabilities, and exploits relevant to GoDaddy.
Produce measurable intelligence for different teams within GoDaddy in the form of threat advisories, executive briefings, and tactical data feeds.
Use threat intelligence to inform threat hunting and participate in initial threat hunting activities. Build automation based on such TTP to perform automated threat hunting.
Create advanced automated alerts and playbooks which correlate indicators of compromise.
Perform advanced analysis and reverse engineering of malware.
Innovate new technologies and strategies to support automated threat hunting.
Build integrations and tooling to be leveraged by incident response engineers and other InfoSec teams.
- 5+ years working in a Threat Intel or similar role.
- 5+ years developing security software.
- Expertise with operations and development/maintenance of TIP integrations
- Understanding of security principles and good security practices across multiple security domains
- Ability to understand and apply the cyber kill chain or ATT&CK model to events
- In-depth knowledge of common security controls, detection capabilities, and other practices / solutions for securing digital environments, to include packet flows / TCP & UDP traffic, firewall and proxy technologies, anti-virus, Intrusion Detection/Prevention Systems and other host-based monitoring, email monitoring and spam technologies, SIEMs, etc.
- Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions.
- Familiarly with Golang programming language
- Systems Development
- Threat Intelligence background
- Knowledge in Splunk
- Experience with Threat Intel Platforms (TIP) such as ThreatConnect, Anomali, MISP, or similar products
GoDaddy is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, creed, religion, sex, sexual orientation, gender, gender identity or expression, medical condition, national origin, ancestry, citizenship, marital status or civil partnership/union status, physical or mental disability, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.
If you need assistance completing an application for a position with us, please reach out to our Recruiting Team at firstname.lastname@example.org
Please note that GODADDY does not accept unsolicited resumes from recruiters or employment agencies.
To submit your application to this position, please click Apply. On the next screen, after you click Apply, click Create to establish your candidate account. If you have previously created a candidate account, please slick Sign-In and use that account to complete your application.