Proactively detect security threats across services and infrastructure,
constantly evolving the response system through tech-based automation.
We are looking for a Security Engineer (Detection & Response) to share this exciting mission!
Let me introduce the organization you will join 🚀
• The Security Engineer (Detection & Response) position belongs to the Security Team of the Product Strategy Chapter.
• This team works directly under the CEO to establish and operate LapLabs’ information protection and privacy protection system across the organization.
• The team is responsible for the security of the customer services that LapLabs operates, such as QuinIT and PaldoGum, as well as the internal office environment as a whole.
• The Security Engineer (Detection & Response) specializes in detecting, responding to, and automating security threats.
• You will be part of building a new security detection and response system, directly designing and creating the foundation from 0 to 1.
• The aim is to automate repetitive tasks and focus on the essential work, increasing the security team's productivity N-fold.
• Beyond mere compliance, this role involves performing tech-based security automation and fostering a security culture.
• Ultimately, the goal is to enhance security levels without compromising the convenience of the members.
The Security Team solves the following issues 🚀
• Information protection management system operation: Maintaining ISMS and ISO certifications and meeting compliance requirements.
• Vulnerability management: Assessing vulnerabilities across web, mobile, and API services, and driving root-cause fixes for the vulnerabilities discovered.
• Operating Secure SDLC: Internalizing security within the development process to establish an End-to-End security system.
• Security detection and response: Detecting security threats occurring in customer services like QuinIT and PaldoGum and quickly analyzing and responding to incidents.
• Security engineering: Directly selecting, building, and operating security solutions, and automating security operations through API integrations and in-house development.
• Security training and guidance: Enhancing security sensitivity and establishing security as a culture among internal members.
Join us and work on the following tasks 🚀
• Establishing a security event collection, analysis, and response system
◦ Design and build a centralized collection pipeline for security events occurring across customer services like QuinIT and PaldoGum as well as internal office environments.
◦ Integrate and normalize security logs from various sources (servers, networks, cloud, SaaS, endpoints, etc.) mainly utilizing a SIEM, and design and build a real-time monitoring environment.
◦ Design and develop detection rules (use cases), and improve detection accuracy through continuous tuning.
◦ Establish and continuously improve the entire process of collection, detection, analysis, and response.
• Investigating security incidents and preventing recurrence
◦ Conduct investigations to analyze the cause and breach path when security events are detected or incidents occur.
◦ Establish and implement measures to prevent recurrence based on the analysis results.
◦ Reflect improvements derived from the incident response process into detection rules, automation, and operational processes.
• Building and automating security solutions
◦ Select, introduce, and build necessary solutions and open-source tools for security operations.
◦ Automate repetitive detection, analysis, and response tasks through API integrations and the development of internal tools.
◦ Design optimal security architecture by combining commercial solutions and open-source tools as needed.
LapLabs is looking for someone like you 🚀
• You have more than 7 years of experience in security event analysis or incident response.
• You have led the full cycle from root-cause and breach-path analysis through to establishing and implementing recurrence prevention measures.
• You have hands-on experience designing and building a SIEM, whether commercial (Splunk, QRadar, etc.) or open source (ELK Stack, Wazuh, etc.).
• You have practical experience in selecting and implementing security solutions, and automating security operations through API integrations and developing tools using Python/Go.
• You have the ability to analyze security logs from servers, networks, and cloud environments.
• You have designed and built security detection and response systems or security operation architectures from the ground up.
• You have communication skills to collaborate with various teams to resolve security issues together.
Experience in the following areas would be even better! 🚀
• Experience in developing and managing detection rules based on Detection-as-Code (Sigma, YARA, etc.).
• Experience in analyzing and improving detection coverage using the MITRE ATT&CK framework.
• Experience in identifying potential threats that were not detected by existing detection rules through Threat Hunting.
• Experience in building or operating SOAR (Security Orchestration, Automation and Response) platforms.
• Experience in breach analysis using digital forensics tools (memory, disk, network).
• Experience using threat intelligence like CTI (Cyber Threat Intelligence), OSINT, etc.
• Experience analyzing security events in container environments such as EKS/Kubernetes.
• Experience improving security detection, analysis, and response tasks using AI/LLM.
• Experience presenting at security conferences.
Your journey to joining LapLabs 🚀
• Recruitment process: Document screening > 1st practical interview > 2nd culture interview > compensation discussions > final acceptance
◦ The process may be subject to some changes or additions after prior notice according to schedule and circumstances.
◦ Regardless of the outcome (pass/fail) of each stage, all applicants will be individually contacted within 1-2 weeks.
◦ For regular positions, a 3-month probation period applies. During this period, 100% of the salary will be paid, and the probation may be extended or terminated based on evaluation.
◦ If any information in the resume or supporting documents submitted during the hiring process is found to be false or incorrect, the acceptance may be canceled.