Staff Security Engineer, Incident Response

Greenlight is the leading family fintech company on a mission to help parents raise financially smart kids. We proudly serve more than 6 million parents and kids with our award-winning banking app for families. With Greenlight, parents can automate allowance, manage chores, set flexible spend controls, and invest for their family’s future. Kids and teens learn to earn, save, spend wisely, and invest. 

At Greenlight, we believe every child should have the opportunity to become financially healthy and happy. It’s no small task, and that’s why we leap out of bed every morning to come to work. Because creating a better, brighter future for the next generation depends on it.

As a Staff Security Engineer, Incident Response you will be a hands-on incident responder actively investigating cases involving endpoints, SaaS, public cloud, and hybrid environments. When not actively leading or participating in an incident, you will be threat hunting. Due to the nature of IR, we are looking for someone who is technically proficient and can effectively communicate with leadership, managers and individual contributors during an IR situation. In addition, you will be responsible for the strategic direction of the IR function, working closely with the Privacy and Legal teams.

Reporting into the Sr Director, Security Operations, the ideal candidate will be responsible for responding to security threats against our enterprise and production environments. This is a lead role, which is involved in all aspects of the incident response life cycle and the process of responding to a security incident. You will also help with detection engineering to improve logging coverage, security tools tuning, suggest ideas and contribute to the new signals development process and automation to detect and respond to threats automatically and at scale. 

Your day-to-day:

• Manage investigations including organizing unstructured work and engaging resources across the company.
• Manage urgency and visibility to ensure timely response by all involved parties.
• Conduct IR analysis, network log and network PCAP analysis, and other investigation related activities in support of IR.
• Respond to critical incidents, threats, vulnerabilities and bring these issues to resolution.
• Communicate/coordinate with internal and 3rd party teams during high severity incidents.
• Orchestrate & conduct table-top exercises.
• Develop incident playbooks and repeatable methods for managing and responding to malicious activities across networks, systems, and products.
• Design, document, and implement IR processes, procedures, guidelines, and solutions.
• Deliver technical and executive level reports and metrics on IR issues.
• Forensically analyze end user systems and servers found to have possible indicators of compromise.
• Identify security incidents through threat hunting operations within a SIEM and other relevant tools.
• Perform basic programming and script development in support of/as needed for IR

What you’ll bring to the team:

• Ability to work in a dynamic, on call environment.
• 7+ years of professional experience in cybersecurity and/or information security or demonstrated equivalent capability.
• 3+ years hands-on working in Cyber incident analysis and/or response in medium to large organizations with cloud and forensics components.
• Strong analytical, documentation, and communication skills.
• In-depth experience with all facets of IR.
• Solid experience applying all facets of IR to Windows, Linus, macOS and public cloud environments.
• Demonstrated threat hunting experience using SIEM, and EDR solutions.
• Ability to successfully facilitate collaboration across multiple functions, departments, and levels.
• Familiarity with SOAR (Security Orchestration, Automation and Response) software with an emphasis on building complex playbooks for automating routine incidents.




Not sure this one’s for you? Don’t count yourself out. Show us what you’ve got and we’ll reach out if there’s a great fit.

Work perks at Greenlight:

• Medical, dental, vision, and HSA match 
• Paid life insurance, AD&D, and disability benefits 
• Traditional 401k with company match and Roth IRA
• Unlimited PTO 
• Paid company holidays and pop-up bonus holidays 
• Wellness & professional development stipends
• Mental health resources
• 1:1 financial planners
• Fertility healthcare
• 100% paid parental and caregiving leave, plus cleaning service and meals during your leave
• Flexible WFH, both remote and in-office opportunities
• Fully stocked kitchen, catered lunches, and occasional in-office happy hours
• Employee resource groups

Our stance on salaries:

Greenlight provides a competitive compensation package with a market-based approach to pay and will vary depending on your location, experience and skill set. The total compensation package for this position will also include a discretionary performance bonus, equity rewards, medical benefits, 401K match, and more. Greenlight conducts continuous compensation evaluations across departments and geographies to ensure we are keeping our pay current and competitive.

The estimated base pay range for this position in (NY, CA, WA): $180,000-220,000

The estimated base pay range for this position in (CO): $180,000- 215,000

Who we are:

It takes a special team to aim for a never-been-done-before mission like ours. We’re looking for people who love working together because they know it makes us stronger, people who look to others and ask, “How can I help?” and then “How can we make this even better?” If you’re ready to roll up your sleeves and help parents raise a financially smart generation, apply to join our team.

Greenlight is an equal opportunity employer and will not discriminate against any employee or applicant based on age, race, color, national origin, gender, gender identity or expression, sexual orientation, religion, physical or mental disability, medical condition (including pregnancy, childbirth, or a medical condition related to pregnancy or childbirth), genetic information, marital status, veteran status, or any other characteristic protected by federal, state or local law.