Responsibilities:

📍Own individual security solutions throughout their lifecycle, including design, development, and deployment, in order to continuously improve Gemini’s ability to detect and respond to advanced, targeted threats 📍Develop and improve processes and tools that supports the team rapidly iterating and responding to threats Gemini faces 📍Lead incident response and investigation efforts 📍Analyze technical threat data to extract TTPs, malware techniques, and adversary methods 📍Create and enhance countermeasures and detections for malware, attacker techniques, threat actor methodology, and suspicious events associated with intelligence obtained by the Gemini Team 📍Produce well documented, resilient and manageable code that supports the streamlining and automation of the above 📍Provide mentorship and guidance to junior engineers on the team in their growth and implementation of the above

Minimum Qualifications:

📍Broad and deep DFIR/Threat Detection and Response experience 📍Scripting proficiency in a common programming language (e.g. Python, Go) 📍Hands-on familiarity with CI/CD, infrastructure as code, and microservices 📍Aptitude in the use of containerization technologies (eg. Docker) 📍Deep experience in the design and implementation of detection signatures spanning multiple security log sources (Splunk, EDR, etc.) 📍Able to troubleshoot and debug issues, and demonstrate a methodical approach to root cause analysis 📍Excellent oral and written communication skills, including the ability to interact effectively with leadership, engineers, vendors and peers