Overview
On Site
Full Time
Skills
IT Security
CSIRT
Security Controls
Electronic Commerce
System Security
Network Security
Encryption
Leadership
PASS
Security Policy
Information Systems
Legal
Law
Swing
SEIM
Acquisition
Forensics
Computer Networking
TCP/IP
HTTP
Dragon NaturallySpeaking
DNS
FTP
DHCP
Wireshark
Tcpdump
Scripting
Python
Perl
Risk Analysis
Computer Science
Information Technology
SANS
GCIA
GPEN
GCIH
CISSP
Cisco
Cisco Certifications
Certified Ethical Hacker
CHFI
ECSA
OSCP
Digital Forensics
GCFA
Security Analysis
Software Security
Cyber Security
Incident Management
Security Operations
Information Security
System On A Chip
EMEA
Training
Onboarding
Communication
Penetration Testing
Management
Testing
Malware Analysis
Security Engineering
Research
SQL
SPL
Splunk
JD
Lean Methodology
Job Details
Job Title: Cyber Security Engineer III
Job ID: EBAYJP00021632
Location: San Jose, CA / Washington DC (Preference West coast 3 days on site currently but can be flexible)
Job Description:
Day to Day Responsibilities of this Position and Description of Project:
eBay is seeking a CSIRT Engineer to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations into Day shift.
Working within eBay's Computer Security Incident Response Team (CSIRT) you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work collaboratively to creatively solve complex security problems in a heterogeneous environment. With your contributions, we're building the best security incident response team in the industry. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep eBay's critical information assets away from threats and hackers.
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
Must demonstrate expert knowledge in one (1) or more of the following areas:
Incident Response, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis Core Job Functions Include:
Investigations - Investigating computer and information security incidents to determine extent of compromise to information and automated information systems
Escalations - Responding to escalated events from security tooling to develop/execute security controls, Defense/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
Research - Researching attempted or successful efforts to compromise systems security and designs countermeasures.
Education - maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
Communications - Provides information and updates to shift leads & leadership, creates pass-downs for next shift, work closely with supporting teams, provide feedback for new security policy and standards, engage with other teams and adjacencies through email and conference calls.
Digital Forensics - As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law
Coverage - Must be willing to perform shift work, weekends, and holidays as well as participate in a rotating shift consisting of four (4) 10 hour shifts with four days on, three (3) days off and possible rotations across Day, Swing, and Graveyard shifts as needed.
To be successful in this position, you should be proficient with:
Incident Response - Getting people to do the right thing in the middle of an investigation. Offensive Techniques - Penetration testing, IOCs, and exploits at all layers of the stack.
Logs - you should be comfortable with a SEIM to be able to gather and analyze logs to recreate incidents and hunt for threats.
System Forensics - Basic understanding of image acquisition techniques, memory forensics, and the like. Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/TCPDump.
Scripting - Should be familiar with scripting in at least one of the following: python, perl or a similar language.
Risk Analysis - Taking a vulnerability in a particular environment and understanding the practical associated risk.
Qualifications:
Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field.
Minimum three (3) years of professional experience in incident detection and response, malware analysis, or digital forensics.
Must have at least one (1) of the following certifications:
SANS GIAC: GCED, GCIA, GPEN, GWAPT, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON, GCIH ISC2: CCFP, CCSP, CISSP
Cisco: CCNA, CCNP CERT: CSIH
EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH
Offensive Security: OSCP, OSCE, OSWP and OSEE Digital Forensics: EnCE, CB, MiCFE, ACE, GCFA, GCFE
In addition, a minimum of one (1) year of specialized experience in one or more of the following areas:
Security Assessment or Offensive Security
Application Security
Security Operations Center/Security Incident Response Cyber intelligence Analysis
Will this candidate interface with IT and business teams? If so, which internal/external groups? Operation role
Incident response and security operations team - service requests, alerts, data loss events, malware technical investigates to
tirage the events
Not a senior role- analyst that makes initial triage of the events wider not deeper knowledge of the space
Security background- know the basics of information security-does not need to be a SOC analyst looking for diverse skillsets Shift based job not operational - 3 site structure west coast, EMEA, and east coast can apply this resource to either site hence
Preference on West coast PST
3 month training and onboarding period- will take an exam towards the end of the onboarding Required Skills (top 3 to 5/ non-negotiables): What you like to see on resumes? (nice to have) 1
Does this individual have the tech evidence to discuss how they used it in their previous job - more on the analyst 1
Coding knowledge 2
Admin knowledge 3
Pen testing knowledge 4
* These people would have more of a possible to extend/convert to FTE 5 5
Disqualifiers or Dislikes on Resumes: No investigation experience and cannot discuss how they conducted the investigations
Taking and Admin or dev resume and inject it into their resume/experience - need to have the direct experience and able to explain that within the interview Education Requirement: Bachelor's degree not needed they are really looking for a person with the hard skills
Minimum 2-3 years Security experience as long as they have the hard skills
If they are just now coming into Security then 5-7 years Required Testing: Security analyst, Malware analyst, Security engineering/Admin, threat research knowledge etc. Software Skills Required: SQL, SPL, Splunk, etc. Required Certifications: Should have 1 or more in the JD if they are in this space Preferred companies/industries: Open to all Candidate Value Proposition: If worker does well, they have a high chance of extension and conversion Difficult Aspects of Role: Night and weekend shifts, rotational shifts. May be difficult if they have a family so be transparent on the schedule up front, more discussions will be had in the interview with the manager
Team Environment How many people are on your team? Junior, Mid or Senior Level? Lean team
8-9 members
Will be working with Core engineers that works in those time zones
Allow rotations and flexibility
3 months to ramp up give or take
Morning daily stand up - will only apply for the region they are hired into
Shift attendance is paramount but can be flexible but is a monitoring role
Job ID: EBAYJP00021632
Location: San Jose, CA / Washington DC (Preference West coast 3 days on site currently but can be flexible)
Job Description:
Day to Day Responsibilities of this Position and Description of Project:
eBay is seeking a CSIRT Engineer to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations into Day shift.
Working within eBay's Computer Security Incident Response Team (CSIRT) you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work collaboratively to creatively solve complex security problems in a heterogeneous environment. With your contributions, we're building the best security incident response team in the industry. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep eBay's critical information assets away from threats and hackers.
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
Must demonstrate expert knowledge in one (1) or more of the following areas:
Incident Response, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis Core Job Functions Include:
Investigations - Investigating computer and information security incidents to determine extent of compromise to information and automated information systems
Escalations - Responding to escalated events from security tooling to develop/execute security controls, Defense/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
Research - Researching attempted or successful efforts to compromise systems security and designs countermeasures.
Education - maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
Communications - Provides information and updates to shift leads & leadership, creates pass-downs for next shift, work closely with supporting teams, provide feedback for new security policy and standards, engage with other teams and adjacencies through email and conference calls.
Digital Forensics - As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law
Coverage - Must be willing to perform shift work, weekends, and holidays as well as participate in a rotating shift consisting of four (4) 10 hour shifts with four days on, three (3) days off and possible rotations across Day, Swing, and Graveyard shifts as needed.
To be successful in this position, you should be proficient with:
Incident Response - Getting people to do the right thing in the middle of an investigation. Offensive Techniques - Penetration testing, IOCs, and exploits at all layers of the stack.
Logs - you should be comfortable with a SEIM to be able to gather and analyze logs to recreate incidents and hunt for threats.
System Forensics - Basic understanding of image acquisition techniques, memory forensics, and the like. Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/TCPDump.
Scripting - Should be familiar with scripting in at least one of the following: python, perl or a similar language.
Risk Analysis - Taking a vulnerability in a particular environment and understanding the practical associated risk.
Qualifications:
Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field.
Minimum three (3) years of professional experience in incident detection and response, malware analysis, or digital forensics.
Must have at least one (1) of the following certifications:
SANS GIAC: GCED, GCIA, GPEN, GWAPT, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON, GCIH ISC2: CCFP, CCSP, CISSP
Cisco: CCNA, CCNP CERT: CSIH
EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH
Offensive Security: OSCP, OSCE, OSWP and OSEE Digital Forensics: EnCE, CB, MiCFE, ACE, GCFA, GCFE
In addition, a minimum of one (1) year of specialized experience in one or more of the following areas:
Security Assessment or Offensive Security
Application Security
Security Operations Center/Security Incident Response Cyber intelligence Analysis
Will this candidate interface with IT and business teams? If so, which internal/external groups? Operation role
Incident response and security operations team - service requests, alerts, data loss events, malware technical investigates to
tirage the events
Not a senior role- analyst that makes initial triage of the events wider not deeper knowledge of the space
Security background- know the basics of information security-does not need to be a SOC analyst looking for diverse skillsets Shift based job not operational - 3 site structure west coast, EMEA, and east coast can apply this resource to either site hence
Preference on West coast PST
3 month training and onboarding period- will take an exam towards the end of the onboarding Required Skills (top 3 to 5/ non-negotiables): What you like to see on resumes? (nice to have) 1
- Solid sort of security domain background - experience education, certifications
Does this individual have the tech evidence to discuss how they used it in their previous job - more on the analyst 1
Coding knowledge 2
- Excellent communication skills as this worker will be working cross functionally with tech and non-IT teams within the space
Admin knowledge 3
- SQL, SPL Query and Languages and Coding
Pen testing knowledge 4
- Can work on a variety of tools as this team uses a lot of home-built tools
* These people would have more of a possible to extend/convert to FTE 5 5
Disqualifiers or Dislikes on Resumes: No investigation experience and cannot discuss how they conducted the investigations
Taking and Admin or dev resume and inject it into their resume/experience - need to have the direct experience and able to explain that within the interview Education Requirement: Bachelor's degree not needed they are really looking for a person with the hard skills
Minimum 2-3 years Security experience as long as they have the hard skills
If they are just now coming into Security then 5-7 years Required Testing: Security analyst, Malware analyst, Security engineering/Admin, threat research knowledge etc. Software Skills Required: SQL, SPL, Splunk, etc. Required Certifications: Should have 1 or more in the JD if they are in this space Preferred companies/industries: Open to all Candidate Value Proposition: If worker does well, they have a high chance of extension and conversion Difficult Aspects of Role: Night and weekend shifts, rotational shifts. May be difficult if they have a family so be transparent on the schedule up front, more discussions will be had in the interview with the manager
Team Environment How many people are on your team? Junior, Mid or Senior Level? Lean team
8-9 members
Will be working with Core engineers that works in those time zones
Allow rotations and flexibility
3 months to ramp up give or take
Morning daily stand up - will only apply for the region they are hired into
Shift attendance is paramount but can be flexible but is a monitoring role
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.