Staff Security Engineer

Intuit is the global financial technology platform that powers prosperity for the people and communities we serve. With approximately 100 million customers worldwide using products such as TurboTax, Credit Karma, QuickBooks, and Mailchimp, we believe that everyone should have the opportunity to prosper.
Petah Tikva, Israel
Security
Staff Software Engineer
Hybrid
3+ years of experience
AI · Cybersecurity · Finance

Description For Staff Security Engineer

The Intuit Adversary Management team is looking for a security professional who has skills and familiarity of security frameworks, attack surfaces, big data, software development, cloud environments and artificial intelligence (AI). We're using data in groundbreaking ways to uncover insights on how adversaries are emerging with their techniques, tactics and procedures (TTP's). This individual will help support our team by building AI/ML technologies, driving requirements for collecting and storing data from various sources, correlating and analyzing data to understand adversaries motives and intent. This individual will closely work with their team to present requirements and drive solutions that align with the Intuit Adversary Management team's mission.

Responsibilities: • Use AI & ML and Big Data to identify emerging threats on the attack surface, identify threat actors, relate basic indicators and TTPs to make informed security decisions • Collection of adversary tactics, techniques, and procedures (TTP's) across mobile, web, and cloud infrastructure • Ability to identify and categorize basic TTPs to a given threat actor • Understanding of basic indicators from a given TTP's • Mapping threats to risks on the attack surface • Using active and passive reconnaissance techniques to find and enumerate networks and understand potential vulnerabilities • Advanced understanding of the differences between non-security related data and security signals. • Ability to perform basic data QA tasks as part of handling data feeds • Experience using source control (github), software development lifecycle and understanding of software design/architecture and fundamentals (algorithms and data structures). • Strong understanding of the customer problem being solved, and experience defining and validating the customer problem. • Basic understanding of architecture patterns; web, messaging, storage • Proactively identifies slow performing code, understands the execution and works with the team to improve performance of slow performing code. • Public Cloud: Fundamental knowledge of Cloud Networking, Cloud Computing, Cloud File Systems, Cloud Databases, and Storage. • Basic understanding of Containers • Can discover and walk through abuse cases specific to the choice of technologies (internal or third party). • Demonstrates product intuition and, with support, develops modeling solutions to solve business problems • Writes queries that join multiple tables and sources of data, applies filters, and partitions data

Qualifications: • 3+ years of experience with adversary intel collection, data analysis, and \ or security testing • Experience with network discovery and application fingerprinting • 2+ years of experience with building AI and ML models • 3+ years of experience with SQL, NoSQL, Big Data, Graph data warehouses and analysis tools. • 2+ years of experience using scripting languages, preferably python • Experience with at least one cloud environment; AWS, GCP, etc • 2+ years of experience with web services (consuming or creating) with REST or SOAP • Familiarity with BI and analytic tools, preferably Google Big Query and LookerStudio • BS/MS in computer science \ mathematics \ data science or equivalent work experience • Solid communication skills: Demonstrated ability to explain complex technical issues to both technical and non-technical audiences • Always Be Learning: Demonstrate advanced critical thinking and trouble-shooting capabilities to assess, prioritize, plan, and implement tasks and solutions effectively, including the ability to manage multiple projects at a time

Last updated a month ago

Responsibilities For Staff Security Engineer

  • Use AI & ML and Big Data to identify emerging threats on the attack surface, identify threat actors, relate basic indicators and TTPs to make informed security decisions
  • Collection of adversary tactics, techniques, and procedures (TTP's) across mobile, web, and cloud infrastructure
  • Ability to identify and categorize basic TTPs to a given threat actor
  • Understanding of basic indicators from a given TTP's
  • Mapping threats to risks on the attack surface
  • Using active and passive reconnaissance techniques to find and enumerate networks and understand potential vulnerabilities
  • Advanced understanding of the differences between non-security related data and security signals
  • Ability to perform basic data QA tasks as part of handling data feeds
  • Experience using source control (github), software development lifecycle and understanding of software design/architecture and fundamentals
  • Strong understanding of the customer problem being solved, and experience defining and validating the customer problem
  • Basic understanding of architecture patterns; web, messaging, storage
  • Proactively identifies slow performing code, understands the execution and works with the team to improve performance of slow performing code
  • Public Cloud: Fundamental knowledge of Cloud Networking, Cloud Computing, Cloud File Systems, Cloud Databases, and Storage
  • Basic understanding of Containers
  • Can discover and walk through abuse cases specific to the choice of technologies (internal or third party)
  • Demonstrates product intuition and, with support, develops modeling solutions to solve business problems
  • Writes queries that join multiple tables and sources of data, applies filters, and partitions data

Requirements For Staff Security Engineer

Python
Java
JavaScript
Kubernetes
Redis
  • 3+ years of experience with adversary intel collection, data analysis, and/or security testing
  • Experience with network discovery and application fingerprinting
  • 2+ years of experience with building AI and ML models
  • 3+ years of experience with SQL, NoSQL, Big Data, Graph data warehouses and analysis tools
  • 2+ years of experience using scripting languages, preferably python
  • Experience with at least one cloud environment; AWS, GCP, etc
  • 2+ years of experience with web services (consuming or creating) with REST or SOAP
  • Familiarity with BI and analytic tools, preferably Google Big Query and LookerStudio
  • BS/MS in computer science, mathematics, data science or equivalent work experience
  • Solid communication skills: Demonstrated ability to explain complex technical issues to both technical and non-technical audiences
  • Always Be Learning: Demonstrate advanced critical thinking and trouble-shooting capabilities to assess, prioritize, plan, and implement tasks and solutions effectively, including the ability to manage multiple projects at a time

Interested in this job?

Jobs Related To Intuit Staff Security Engineer

Senior Staff Technical Program Manager - Trust & Safety, Fraud Prevention

Lead Trust & Safety initiatives at Intuit as Senior Staff TPM, focusing on fraud prevention and customer protection across global financial technology platforms.

Sr Staff Research Engineer, Security Technical Debt

Senior Staff Research Engineer position at Intuit focusing on security technical debt, AI security, and data protection, requiring 8+ years of experience in security research and development.

Staff Security Researcher/Engineer

Senior security role focused on identifying and preventing fraud vulnerabilities across Intuit's product ecosystem through manual and automated testing.

Manager 3, Threat Detection Engineering

Lead Threat Detection Engineering team at Intuit, focusing on security operations, detection engineering, and incident response for global financial technology platform.

Red Team Security Engineer- Staff

Staff-level Red Team Security Engineer role at Intuit focusing on offensive security, exploit development, and cloud security.