Security Engineer, Threat Intelligence

Job content

Snap Inc. is a camera company. We believe that reinventing the camera represents our greatest opportunity to improve the way people live and communicate. Our products empower people to express themselves, live in the moment, learn about the world, and have fun together.We’re looking for a Security Engineer with a background in Threat Intelligence to join our Detection and Response (D&R) team! As a member of the D&R Threat Intelligence team, you will closely track threat actors relevant to Snap along with their tactics, techniques and procedures (TTPs). You will perform targeted collection, analysis and dissemination of intelligence to directly inform strategy, defenses and controls for D&R, partner security teams and leadership. The threat intel team also interfaces with industry partners to guide collective defenses and drive actor disruption efforts. Working from Switzerland office, you’ll collaborate with engineers across many disciplines to operationalize the identification and eradication of threats across our production environments, corporate infrastructure, and internal tooling.What you’ll do:

• Identify, analyze, fingerprint and build threat intelligence on trends and developments in adversary tactics, techniques, and procedures (TTPs) for sophisticated threat actors spanning APTs to cybercrime
• Analyze multiple threat actors and surface areas, and serve as a subject matter expert on how those actors might affect Snap. Collaborate with cross-functional partner teams to inform defenses and interface with industry partners to disrupt threat actors
• Devise methodologies to craft signals and perform threat hunting spanning corporate systems, production environments and external threat repositories
• Investigate triggered signals and support attribution exercises during incidents
• Build tooling to enable intelligence signals, gathering, processing and analysis at scale

Knowledge, Skills & Abilities:

• Proven experience in one or more of the following areas; threat actor tracking and disruption, threat analysis, malware analysis, reverse engineering, data analysis, critical thinking and analytical reasoning
• Development skills in Python and/or Go
• Advanced knowledge of operating system internals, and a core competency in two or more of the following: macOS, Windows, Linux, Kubernetes, Amazon Web Services, and Google Cloud Platform

Minimum Qualifications:

• Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
• 6+ years of experience in the field of security analyst or related security roles

Preferred Qualifications:

• Demonstrated knowledge in threat intel, threat analysis, threat hunting, threat detection.
• Familiarity with cloud-based services and infrastructure (Google Cloud, Workspace, AWS, etc.)
• Excellent verbal and written communication skills, with high attention to detail
• Practical experience in a BeyondCorp model
• Work record of collaborating with internal and external stakeholders at all levels of a company