Senior Security Engineer - CSIRT



San Jose, CA, USA
Posted on Thursday, April 20, 2023

Do the best work of your career as a champion for small and mid-size businesses.

BILL is a leader in financial automation software for small and midsize businesses (SMBs). As a champion of SMBs, we are dedicated to automating the future of finance so businesses can thrive. Hundreds of thousands of businesses trust BILL solutions to manage financial workflows, including payables, receivables, and spend and expense management. With BILL, businesses are connected to a network of millions of members, so they can pay or get paid faster. Through our automated solutions, we help SMBs simplify and control their finances, so they can confidently manage their businesses, and succeed on their terms.

BILL is a trusted partner of leading U.S. financial institutions, accounting firms, and accounting software providers. We have operations in San Jose, CA, Draper, UT, Houston, TX and Sydney, AUS and are continuing to expand into other geographic locations. If you’re looking for a place that helps you do the best work of your career, look no further than BILL.

This position can be based at any one of the following locations: San Jose, Draper, Houston. We support a hybrid work environment with on-site and remote work days.

Make your impact within a rapidly growing Fintech Company

  • Continuously and proactively monitor network and host-based security logs, SIEM to flag any abnormalities/malicious activity and prevent them from causing any damage
  • Work with SOC vendor to provide Tier-2 support, monitor, triage and remediation assistance
  • Research emerging threats and detection capabilities; develop recommendations to enhance existing monitoring solutions or adopt new ones.
  • Analyze logs and security alerts to detect malicious activity and threats in the environment
  • Using the MITRE Attack framework, develop, enhance, test, and implement threat detection rules
  • Consolidate and conduct a comprehensive analysis of threat intelligence data obtained from classified, proprietary, and open-source resources to provide indications and warnings of impending attacks against unclassified and classified networks.
  • Conduct/facilitate forensic examination of electronic devices in the furtherance of investigations and company legal requests
  • Coordinate and drive resolution on a diverse range of incidents. Analyze root causes, trends of the alerts/incidents.
  • Respond in a timely manner (within documented SLA) to security incidents.
  • Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Collaborate well with cross-functional partner teams, such as Legal and Engineering for large-scale efficient response.
  • Able to participate in an on-call rotation.
  • Regularly maintain and update existing systems, update firewall policies, patch vulnerabilities. Reduce false positives and generate more accurate security alerts by development and continuous improvement of rules to correlate security events.
  • Build playbooks to support and improve security incident response processes
  • Recommend changes to standard operating procedures (SOP) and other similar documentation.
  • Participate in automation, project work, detection engineering, and process improvements.

We’d love to chat if you have:

  • 4+ years of professional work experience in the information security field, with emphasis on security operations, incident management,Threat Detection.
  • SOC automation development and cloud operations experience
  • Thorough knowledge of SIEM, SOAR and EDR technologies.
  • Experience with EnCase, FTK, X-Ways, SANS SIFT, Splunk, Volatility, WireShark, TCPDump, and open source forensic tools
  • Understanding of Incident Response Life Cycle and Digital Forensics.
  • Experience with Mac, Linux and Windows operating systems
  • Ability to handle high pressure situations with key stakeholders
  • Good Analytical skills, Problem solving and Interpersonal skills
  • Advanced technical writing skill and on-call experience
  • Bachelor’s degree in IT/CS/related field or equivalent work experience
  • Professional certification such as GCIH/GCFA/CEH/CHFI is highly preferred

Let’s talk about benefits

  • 100% paid employee health, dental, and vision plans (choose HMO, PPO, or HDHP)
  • HSA & FSA accounts
  • Life Insurance, Long & Short-term disability coverage
  • Employee Assistance Program (EAP)
  • 11+ Observed holidays and wellness days and flexible time off
  • Employee Stock Purchase Program with employee discounts
  • Wellness & Fitness initiatives
  • Employee recognition and referral programs
  • And much more

This role is based in California.

The estimated base salary range for this role is noted below for our office location in San Jose, CA. Additionally, this role is eligible to participate in BILL’s bonus and equity plan. Our ranges for each role and job level are based on a variety of factors including candidate experience, expertise, and geographic location and may vary from the amounts listed above. The role is also eligible for a competitive benefits package that includes: medical, dental, vision, life and disability insurance, 401(k) retirement plan, flexible spending & health savings account, paid holidays, paid time off, and other company benefits.

San Jose pay range
$145,600$174,700 USD

We live our culture and values every day

At BILL, we’re different by design—it's our culture. Our CEO is a trusted entrepreneur who lives our cultural values: Humble, Authentic, Passionate, Accountable, and Fun. People here love being their authentic selves, contributing unique experiences, sharing ideas, perspectives, and intellectual curiosity. We celebrate our diversity as the heart and soul of how we work, grow, and succeed together. Inspiring people with meaningful career experiences they love really does make the dream work and our successes just keep getting better. There’s no limit to what we can build and where we can go from here. We’d love you to join us.

BILL is proudly an Equal Opportunity Employer where everyone is welcome. Our innovation and technology are inspired by an inclusive culture unlike any other. Everyone brings a different personal story and perspective and this diverse mix of minds, backgrounds, and experiences is where our greatest ideas come from. We welcome people of all races, ethnicities, ages, religions, abilities, genders, and sexual orientations to make us an even more vibrant company. We want everyone to bring their authentic selves here, to share our values, shape our vision, drive innovation, and become part of a culture we celebrate every day.

BILL Culture:

  • Humble - We check our egos at the door. We are curious. We listen, accept feedback.
  • Authentic - We earn and show trust by being real—embracing our authentic selves.
  • Passionate - We care deeply about each other and our customers.
  • Accountable - We are duty-bound to each other, our customers, and society.
  • Fun - We wrap it all together by building connections and enjoying time spent together.

Our Applicant Privacy Notice describes how BILL treats the personal information it receives from applicants