Lead Security Engineer
Description

Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We are passionate about protecting our infrastructure, operations, and most importantly, our customer data. We take a thoughtful approach to security, and strive to deliver low-friction, high-impact features to protect our customers.

As Slack’s data, customers and features grow, protecting customer data becomes an even more significant challenge. As a member of the Slack Security Customer Protection team, you would be primarily focussed on detecting entities who intend or attempt to use Slack for malicious purposes. Regardless of whether users are on a free or paid plan, our ultimate goal is to ensure the platform remains secure for everyone. You would be developing and using tools to tease out high-fidelity signals from the noise, while collaborating with your peers to respond to and eradicate unwelcome behaviors (such as fraud, abuse, spam etc.) on the platform. You would develop and deploy analytics that inspect the Slack internal telemetry for suspicious behaviours and surface them as anomalies to our customers.

Slack has a positive, diverse, and supportive culture—we look for people who are curious, innovative and work to be a little better every single day. In our work together we seek to be smart, humble, hardworking and, above all, collaborative.
If this sounds like a good fit for you, why not say hello?

What you will be doing
- You will understand the current data pipelines and datasets, and come up with innovative solutions to analyze them and identify unique outliers and patterns
- Participate in efforts to organize and query the datasets to support various detection engineering projects in flight
- Envision and develop innovative signals and roll them out across customer workspaces, which would aid the customer to identify anomalous behavior within their workspace, across various stages of the Kill Chain
- Collaborate with key cross-functional teams (Data and Backend engineering teams, Core platform and product teams etc.) to contribute towards security-specific in-product feature development efforts
- Partner with fellow security practitioners to develop and maintain internal tools and solutions that support our detection engineering efforts

Requirements
- Strong experience in Information Security centric roles, devising strategies and building controls to counter advanced and constantly evolving threats
- Ability to envision a variety of Security Incident scenarios that could impact a customer and take an empathetic approach to developing detections to aid customers
- Ability to query large amounts of data to investigate anomalous activity and deploy detections to surface similar activity when it occurs in other customer workspaces
- Experience understanding Threat Actor Tactics, Techniques & Procedures (TTPs) and the ability to build detections to detect such TTPs
- Experience working in a security function, particularly a Digital Forensics and Incident Response (DFIR), Threat Detection and/or Threat Hunting background
- Ability to clearly and patiently articulate Threats and Threat Actor activity to Product Managers, Customer Experience teams, and other Engineers
- Ability to collaborate with a variety of stakeholders like Customer Success teams, peers in Product Security team, Product Managers, Platform Trust and Integrity teams to service the customers
- Expertise in high-level programming languages, particularly Python or Go. Ability to write efficient SQL queries and dig out relevant information
- Enthusiastic about automating repetitive tasks and embracing emerging technologies (AI Agents etc.)
- Location: San Francisco, CA, United States