Information Security Incident Response Engineer

Priceline.com

(New York, New York)
Full Time
Job Posting Details
About Priceline.com
Priceline gives travelers the inside track to travel deals and discounts. With their exclusive deal search technology, priceline aims to deliver more ways to save on airline tickets, hotel rooms, rental cars, vacation packages and cruises than anyone else.
Summary
You will build priceline’s capabilities to detect and respond to security incidents. You will have responsibility for day-to-day system and data security at priceline.com. You’ll find and fix problems while helping priceline.com to maintain velocity. You will:

* Detect and respond to data security incidents and threats
* Develop processes to reduce frequency and impact of future attacks
* Fix vulnerabilities, or work directly with our engineers to close them
* Hunt for malicious activity against our customers and employees
* Protect the availability of critical systems and prevent the loss of critical data
* Support compliance and audit activities
* Have familiarity with security tools such as Grr, Bro, Suricata, Splunk, ElasticSearch, Burp and Metasploit

This role will work with our developers, sysadmins, network engineers, and business teams. As a member of the company's information security team, this person has the responsibility for day-to-day system and data security.
Responsibilities
* Collect and correlate interesting data to find attackers quickly
* Respond to system security weak points, work with other teams and third party vendors to resolve security issues
* Manage incidents large and small from detection to closure
* Develop creative improvements to security system capabilities
* Respond to security incidents and report on incident handling and resolution
* Participate in post-mortem investigation of security incidents and prepare security incident reports documenting the findings
* Design, implement and support security-focused tools and services
Ideal Candidate
**Required Skills:**

* Thorough understanding of network, system, and application security which you’ll apply to
* Scripting skills to develop and improve security and user data analysis tools
* Comfort with network, server, and application log analysis and correlation
* Working experience and knowledge of Windows and Unix/Linux operating systems
* Ability to confidently and simply explain technical security issues without hype or buzzwords
* Curiosity and creativity in breaking and defending modern web applications
* Demonstrate outstanding teamwork skills
* Dive deep into challenging issues and taking ownership for resolving them
* Have the ability to work with technical and non-technical business owners to get things done

**Required Experience:**

* 5+ years technical work experience
* Experience with the following: event detection and correlation tools, application and network security testing tools, intrusion detection and prevention tools, strong understanding of modern web application security
* Experience in a PCI-compliant environment

**Tools:**

* Elasticsearch, Splunk, Bro, or Suricata intrusion detection, Java and JavaScript, Burp, endpoint forensics tools like GRR
