At eBay, we're more than a global ecommerce leader — we’re changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We’re committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts.

Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work — every day. We're in this together, sustaining the future of our customers, our company, and our planet.

Join a team of passionate thinkers, innovators, and dreamers — and help us connect people and build communities to create economic opportunity for all.

Job Description – CSIRT Incident Response Engineer II

eBay is seeking a CSIRT IR Engineer to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff.

Working within eBay’s Computer Security Incident Response Team (CSIRT) you will have the opportunity to build innovative solutions to identify and mitigate information-security threats.  You will work collaboratively to creatively solve complex security problems in a heterogeneous environment.   With your contributions, we’re building the best security incident response team in the industry.  Your skills, vision, tenacity, and passion will help us defend and respond daily to keep eBay’s critical information assets away from threats and hackers.

Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.

In addition to Incident response expertise, you must demonstrate expert knowledge in two (2) or more of the following areas:

Vulnerability Assessment and Pen Testing, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Encryption, Web-filtering, Advanced Treat Protection, Email Security, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis.

Core Job Functions Include:

• Investigations – Investigating computer and information security incidents to determine extent of compromise to information and automated information systems

• Escalations – Responding to escalated notable events from security tooling to develop/execute security controls, Defense/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.

• Research – Researching attempted or successful efforts to compromise systems security and designs countermeasures.

• Education - maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

• Communications – Provides information and updates to shift leads, creates pass-downs for next shift, work closely with supporting teams, provide feedback for new security policy and standards, engage with other teams and adjacencies through email and conference calls.

• Digital Forensics – As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law

• Coverage – Must be willing to perform shift work, weekends, and holidays as well as participate in a rotating shift consisting of four (4) 10 hour shifts with four days on, three (3) days off and possible rotations across Day, Swing, and Graveyard shifts as needed.

To be successful in this position, you should be proficient with:

• Incident Response – Getting people to do the right thing in the middle of an investigation.

• Offensive Techniques – Penetration testing, IOCs, and exploits at all layers of the stack.

• Logs - you should be comfortable with a SEIM to be able to gather and analyze logs to recreate incidents and hunt for threats.

• System Forensics – Basic understanding of image acquisition techniques, memory forensics, and the like.

• Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/TCPDump.

• Scripting – Should be familiar in scripting in at least one of the following: python, perl or a similar language.

• Risk Analysis – Taking a vulnerability in a particular environment and understanding the practical associated risk.

Qualifications:

• Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.

• 4+ years of professional experience in incident detection and response, malware analysis, or digital forensics.

Must have at least one (1) of the following certifications:

• SANS GIAC: GCED, GCIA, GPEN, GWAPT, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON, GCIH

• ISC2: CCFP, CCSP, CISSP

• Cisco: CCNA, CCNP

• CERT: CSIH

• EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH

• Offensive Security: OSCP, OSCE, OSWP and OSEE

• Digital Forensics: EnCE, CB, MiCFE, ACE, GCFA, GCFE

In addition, minimum of one (1) year of specialized experience in one or more of the following areas:

• Security Assessment or Offensive Security

• Application Security

• Security Operations Center/Security Incident Response

• Cyber intelligence Analysis

At eBay, your work makes a difference. We believe that we can build a better form of commerce that is enabled by people, supported by technology, and open to everyone – creating more opportunity for all.

Additional Details

eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at [email protected]. We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities.

We use cookies to enhance your experience and may use AI tools for administrative tasks in the hiring process. To learn how we handle your personal data and use AI responsibly, please visit our Talent Privacy Notice, Privacy Center, and AI Hiring Guidelines.