Security Engineer (L4) - Detection & Response

Netflix is the world's leading streaming entertainment service with over 240 million paid memberships in over 190 countries, enjoying TV series, documentaries, feature films, and mobile games across a wide variety of genres and languages. Members can watch as much as they want, anytime, anywhere, on any internet-connected screen. Members can play, pause and resume watching, all without commercials or commitments.  About UsSecurity Operations and Intelligence supports our Detection & Response organization, which reduces the risk of information security threats to Netflix through rapid detection and effective response.  The team is responsible for reviewing, triaging, and remediating alerts and findings from other security programs and processes across the company’s attack surface, including vulnerability management and endpoint detections. They develop automations and solutions that scale to help collect, analyze, action and support the remediation of threats and communicate findings to risk decision makers.  About the Role We are looking for an innovative Security Engineer with a passion for information security operations, threat intelligence, developing automations, and investigating security threats. 
You will be responsible for responding to and investigating security events; maintaining and building tools, automations, runbooks, dashboards, and metrics to support rapid detection, triage, analysis, and response; support various security tooling, business processes, troubleshooting, and guidance to the Netflix workforce; and proactively hunting for malicious activity across our environment. You’ll go beyond responding and analyzing events to communicating the appropriate context and insight to risk decision makers.
Our ideal new team member has first-hand experience working in customer-facing security engineering support roles and has a breadth of experience across information security, system and network administration, and cloud computing. You are excellent at understanding and solving complex and ambiguous problems and constantly seek improvement.

Desired Background and Skills

• You have excellent written and verbal communication skills, proactively inform stakeholders, and can operate with little oversight.
• You possess a breadth of knowledge and experience across the information security domain, with familiarity in a combination of endpoint, email, network, identity management, cloud security; vulnerability management; incident response; and threat intelligence.
• You are able to script and develop automations, preferably using Python and SQL.
• You have experience implementing, using, and configuring some common security tools - e.g., OSQuery, EDR, Threat Intel Platforms.
• You have hands-on experience analyzing and responding to security events, such as conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating complex data sets. 
• You can identify trends, insights, and relationships between internal and external data and intelligence sources to provide recommended risk mitigation.
• You work well with others, see the value of a team, and partner effectively with all stakeholders.

We are looking for thoughtful security professionals who enable our mission and support our culture of freedom and responsibility. 
At Netflix, we carefully consider a wide range of compensation factors to determine your personal top of the market. We rely on market indicators to determine compensation and consider your specific job family, background, skills, and experience to get it right. These considerations can cause your compensation to vary and will also be dependent on your location. 
The overall market range for roles in this area of Netflix is typically $100,000 - $700,000.
This market range is based on total compensation (vs. only base salary), which is in line with our compensation philosophy. Netflix is a unique culture and environment. Learn more here.