Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low friction high-impact security across everything we do.
As a member of the Slack Security Operations and Response Team, you are the first line of defense for all the people and parts that together make up Slack. You get out of bed every morning thinking about new ways to make life miserable for bad actors. You get excited at the prospect of searching for your adversary, teasing out high-quality signal from the all the noise, and developing new ways to solve hard problems. Your work directly impacts the way millions of people, teams and businesses get things done.
Operate the infrastructure, tools and rules that keep Security at Slack running: detection and response capabilities as well as capabilities that keep our overall platform operating securely
Develop and implement strategies, creating and tuning tools for detecting and remediating malicious activity
Build or enhance solutions to detect and mitigate new malicious threats
Work in partnership with other teams at Slack to constantly improve our telemetry and defensive posture
Participate in enterprise-wide operations to hunt for adaptable and previously unknown threats
DevOps or Site Reliability Engineering experience (3-5 years) in AWS or similar cloud environment
Experience performing configuration management, building infrastructure to handle required load and managing outages
Experience with health and performance monitoring and performance optimization
Experience improving and devising new ways to collect signal and identify suspicious events in an operational production environment; experience with process automation is a plus
Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as MFA and securely managing secrets or tokens