Full-Time

Insider Threat

Security Engineer

Posted on 3/27/2025

X

X

1,001-5,000 employees

Compensation Overview

$127k - $297k/yr

+ Equity

Junior

Palo Alto, CA, USA + 1 more

More locations: San Jose, CA, USA

Category
Cybersecurity
IT & Security
Required Skills
Python
Grafana
SQL
JIRA
Splunk
Linux/Unix
Requirements
  • Bachelor’s degree in Computer Science/Engineering, or relatable experience/certificates (GIAC Certified Forensic Analyst (GCFA), GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Forensic Examiner (GCFE))
  • Coding proficiency in Python & SQL
  • Experience in commercial Endpoint Detection Response (EDR), Security Orchestration Automation Tools (SOAR), and a familiarity with security automation workflows
  • Networking and system administration experience of server and operating systems (macOS, Linux, Windows)
  • Experience in Gsuite Administration, and JIRA. Familiar with multiple commercial & open-source forensic tools to perform analysis and/or memory collection
  • Experience in data ingestion in Splunk, Clickhouse, Grafana, and simple storage service, as well as dashboard creation.
  • Experience with anomaly detection applicable to the insider threat detection space
  • 1- 2+ years incident response experience and/or insider threat experience
  • 1- 2+ years of cybersecurity operational experience
Responsibilities
  • Triage and analyze all incoming detection alerts from a variety of tools in our tech stack
  • Work closely with the Insider Threat engineering and investigations team to understand current threats and gaps
  • Escalate appropriate threats to Insider Threat investigators
  • Develop/tune detections to best protect X
  • Improve our capabilities to effectively detect and respond to internal threats and security incidents
  • Possess an automation-first mindset
  • Leverage threat modeling and analysis to build event and/or behavioral based detections to protect our critical assets and infrastructure
  • Perform analysis of logs from a variety of sources (e.g., endpoint logs, application logs, network traffic logs) to identify potential insider threats
  • Perform actions that auto-resolve false positives and provide context scaling our ability to investigate
  • Identify gaps in our infrastructure, and work with software engineers, analysts, investigators, and stakeholders to gain visibility through logging and detection
  • Perform live response, digital forensics, and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment
  • Conduct insider threat investigations in a cross-functional environment and drive incident resolution
Desired Qualifications
  • Curious and comfortable digging into the details
  • Eager to help others protect our data, systems, people, and facilities
  • Thrives in a dynamic, high-growth tech environment
  • Relishes the opportunity to collaborate with passionate, driven over-achievers

Company Size

1,001-5,000

Company Stage

Acquired

Total Funding

$82.3B

Headquarters

Bastrop, Texas

Founded

2006

Simplify Jobs

Simplify's Take

What believers are saying

  • X can capitalize on the growing acceptance of cryptocurrencies for tax payments.
  • X's responsible content management enhances user trust and platform integrity.
  • X's involvement in digital finance benefits from increased market transparency.

What critics are saying

  • X faces potential financial liabilities from the Solaris class action lawsuit.
  • X may encounter increased operational costs due to new regulatory burdens.
  • X's market share could be impacted by intensified AI competition.

What makes X unique

  • X leverages advanced AI models for superior data analysis and decision-making.
  • X benefits from the PROOF Act's push for transparency in digital finance.
  • X's agile strategies mitigate risks from volatile tariff policies.

Help us improve and share your feedback! Did you find this helpful?

Benefits

Stock Options

Company Equity

Growth & Insights and Company News

Headcount

6 month growth

-1%

1 year growth

-2%

2 year growth

-5%
PR Newswire
Apr 11th, 2025
Sei Investor Alert: Bronstein, Gewirtz Grossman Llc Announces That Solaris Energy Infrastructure, Inc. Investors With Substantial Losses Have Opportunity To Lead Class Action Lawsuit

NEW YORK, April 11, 2025 /PRNewswire/ -- Attorney Advertising-- Bronstein, Gewirtz & Grossman, LLC, a nationally recognized law firm, notifies investors that a class action lawsuit has been filed against Solaris Energy Infrastructure, Inc. ("Solaris" or "the Company") (NYSE: SEI) and certain of its officers.Class DefinitionThis lawsuit seeks to recover damages against Defendants for alleged violations of the federal securities laws on behalf of all persons and entities that purchased or otherwise acquired Solaris securities between July 9, 2024 and March 17, 2025, both dates inclusive (the "Class Period"). Such investors are encouraged to join this case by visiting the firm's site: bgandg.com/SEI.Case DetailsThe Complaint alleges that throughout the Class Period, Defendants made materially false and/or misleading statements, as well as failed to disclose material adverse facts about the Company's business, operations, and prospects. Specifically, the Complaint alleges that Defendants failed to disclose to investors that: (1) Mobile Energy Rentals LLC ("MER") had little to no corporate history in the mobile turbine leasing space; (2) MER did not have a diversified earnings stream; (3) MER's co-owner was a convicted felon associated with multiple allegations of turbine-related fraud; (4) as a result, Solaris overstated the commercial prospects posed by the Acquisition; (5) Solaris inflated profitability metrics by failing to properly depreciate its turbines; and (6) that, as a result of the foregoing, Defendants' positive statements about the Company's business, operations, and prospects were materially misleading and/or lacked a reasonable basis.What's Next?A class action lawsuit has already been filed. If you wish to review a copy of the Complaint, you can visit the firm's site: bgandg.com/SEI or you may contact Peretz Bronstein, Esq. or his Client Relations Manager, Nathan Miller, of Bronstein, Gewirtz & Grossman, LLC at 332-239-2660

CryptoSlate
Apr 11th, 2025
Senators Reintroduce Legislation To Tighten Rules On Crypto Custody

US Senators Thom Tillis (R-NC) and John Hickenlooper (D-CO) have reintroduced a legislative measure to prevent digital asset custodians from co-mingling customer funds with institutional or proprietary capital.The bill, dubbed the Proving Reserves of Others Funds (PROOF) Act, also mandates monthly third-party inspections of custodial reserves, building on standards already used informally across the digital asset sector.Initially introduced in 2023, the PROOF Act was a response to systemic failures exposed by the collapse of the crypto exchange FTX.According to an excerpt from the reintroduced legislation, FTX’s implosion was driven by two operational flaws: the co-mingling of customer assets with corporate funds and the diversion of customer deposits to Alameda Research, a related entity.These practices contributed to a critical reserve shortfall that left users without recourse when the platform failed, leading to losses of over $8 billion.Safeguard requirementsThe PROOF Act proposes two primary requirements for digital asset exchanges and custodians. First, it would establish regulatory standards that explicitly prohibit mixing customer and institutional funds.Second, it would obligate these platforms to undergo monthly Proof of Reserves (PoR) inspections conducted by a neutral third party, preferably a certified auditing firm.Under the bill’s provisions, the results of each PoR inspection would be submitted to the US Department of the Treasury, which would be responsible for publicly disclosing the findings.Entities that fail to comply would face civil penalties under a tiered enforcement structure, with repeat violations triggering escalated consequences.The bill defines PoR as a cryptographic method that enables exchanges and custodians to verify asset backing for user deposits. Techniques such as Merkle trees or zero-knowledge proofs allow these entities to demonstrate reserve holdings without disclosing sensitive information.The process is designed to maintain transparency while respecting the privacy and security of the platform and its users.‘Critical step’Although several crypto firms have voluntarily published reserve attestations since the FTX collapse, the PROOF Act addresses gaps in standardization and oversight. The bill notes that many prior implementations were inconsistent and lacked certified public accountant (CPA) validation.Tillis and Hickenlooper’s proposal seeks to move the practice from voluntary to mandatory, requiring uniform reserve verification across platforms that custody digital assets. The legislation emphasizes that American users of crypto exchanges deserve clear assurances about the solvency of custodial institutions holding their deposits.Chainlink cheered on the bill reintroduction on an X post, calling it a “critical step toward establishing Proof of Reserve requirements for digital assets.”The post added:“As more real-world assets move onchain, legislation such as the PROOF act reinforces the importance of Proof of Reserves and is essential in ensuring transparency for the digital asset industry.”Mentioned in this article

VentureBeat
Apr 11th, 2025
Now It’S Tiktok Parent Bytedance’S Turn For A Reasoning Ai: Enter Seed-Thinking-V1.5!

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More. It started with the announcement of OpenAI’s o1 model in September 2024, but really took off with DeepSeek R1 released in January 2025. Now, it seems that most major AI model providers and trainers are in a new race to deliver better, faster, cheaper, more affordable or more powerful and performant “reasoning” AI language models — that is, ones that maybe take a little longer to respond to a human user, but ideally do so with better, more comprehensive, more well “reasoned” answers, which these class of models get by performing “chain-of-thought,” reflecting on their own conclusions and interrogating them for veracity before responding. ByteDance, the Chinese web media giant parent of TikTok, is the latest to join the party with announcement and publication of the technical paper behind Seed-Thinking-v1.5, an upcoming large language model (LLM) designed to advance reasoning performance across both science, tech, math, and engineering (STEM) fields and general-purpose domains. The model is not yet available for download or use, and it’s unclear what the licensing terms will be — whether it will be proprietary/closed source or open source/free for all to use and modify at will, or somewhere in between

Decrypt
Apr 11th, 2025
New 'Black Mirror' Episode Focuses On Pump.Fun-Like Livestream Stunts

Decrypt’s Art, Fashion, and Entertainment Hub. Discover SCENEA desperate man commits an act of self-inflicted violence on a livestreaming site in the hopes of collecting a windfall of digital money from strangers. Sound familiar?No, we’re not talking about outrageous exploits related to meme coin trading sensation Pump.fun. Or well, not explicitly. We’re outlining the plot of an episode in the latest season of “Black Mirror.”The first installment of the hit Netflix sci-fi series’ latest season, which debuted Thursday, centers on a plot that appears ripped from true stories about the viral Solana meme coin generator.No way the first episode of Black Mirror is literally about pump fun pic.twitter.com/C5otCkSRS7 — Creep (@CreepahX) April 10, 2025The episode, titled “Common People,” weaves the tale of a cash-strapped husband who—in the aim of paying his wife’s mounting medical bills—begins livestreaming himself performing increasingly extreme acts of self-harm in return for greater sums of digital cash sent by anonymous viewers.The plot sounds an awful lot like similar incidents that have occurred in relation to Pump.fun tokens over the last year. Last summer, for instance, a budding meme coin entrepreneur set his entire body on fire in the hopes of sending his own meme coin soaring

CryptoSlate
Apr 11th, 2025
Pumpfun Fully Restores Streaming Feature With Stricter Moderation Policy

Solana-based token launchpad Pump.fun resumed its livestreaming functionality for all users on April 11, implementing a new set of moderation rules and enforcement mechanisms to curb misuse. The livestream feature has been suspended since Nov. 25, 2024, due to widespread abuse and the platform’s inability to manage user-generated content at scale.In the announcement, Pump.fun confirmed that livestreaming is now available platform-wide with “industry standard moderation systems” and transparent content guidelines. The relaunch follows a limited rollout on April 4, when the feature was reintroduced to 5% of users for testing under the new compliance framework.New policiesThe reinstated livestream policy includes a defined list of prohibited content, including graphic violence, threats, sexual exploitation, harassment, doxxing, unauthorized use of intellectual property, and any material promoting terrorism or illegal activity. Content involving youth endangerment or child sexual abuse material (CSAM) is strictly banned and will be subject to further action, such as referral to law enforcement where applicable.In a public statement, the company emphasized the policy’s intent to preserve “creativity and freedom of expression” while minimizing harmful or illegal behavior. Pump.fun noted that the moderation framework will evolve based on input from users, moderators, and policy experts.Violations may result in livestream termination or permanent account suspension. Users may appeal moderation decisions, although the platform reserves final authority over content rulings.Livestream controversyThe livestream function, launched in May 2024, had previously become a driver of user engagement by allowing memecoin creators to interact directly with investors in real time.However, its rapid adoption led to serious misuse. Notably, creators began hosting extreme challenges tied to token performance, including stunts involving firearms and threats of self-harm.One widely reported incident involved a creator who threatened suicide if their token failed to reach a specified valuation

INACTIVE