About the OpportunityContentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.We are looking for a committed and driven Security Analyst with experience performing analysis and incident management of information security events. As an analyst, you will have daily alert investigation responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security Operations program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.What to expect? Perform daily alert investigation and response in a hybrid environment.Collaborate with the team and actively assist in major response exercises.Conduct detail-oriented analysis across challenging and complex ecosystems.Be capable of reporting or summarizing your findings to a broad audience.Create processes, documentation, and runbooks to support a rapidly growing organization.Take ownership of tuning, refinement, and development of detection use cases.Drive continuous improvement across all aspects of threat detection and response.Identify systemic issues and collaborate on approaches to address root causes.Play an active role in scaling Operation practices by contributing to team roadmaps.Provide delightful and informative interactions with all end users.Proactively identify opportunities for user training and awareness programs.Collaborate on threat models by incorporating detection use cases into designs.Assist in the creation of requirements and testing of security solutions.What you need to be successful3+ years of Security Operations or Incident Response experience.Proficiency in analysis methods (e.g., log analysis, live response, forensics, etc.)Firm understanding of the evolving attacker Tactics, Techniques, and Procedures.Strong network fundamentals (e.g., TCP/IP, Layer 7 protocols, etc.)Ability to perform detailed host analysis on Mac, Windows, & Linux systems.Familiarity analyzing Software-as-a-Service log sources to support investigations.Practical experience using security technologies (e.g., SIEM, EDR, AntiVirus, Email, etc.)Exposure using Splunk in support of alert investigation across multiple data sources.Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)Hands-on experience with malware analysis using dynamic and static analysis tools.Practical mindset to balance business needs with security requirements.Ability to drive change through continuous improvement.Capable of working independently and collaboratively as a team.Comfortable working with a geographically dispersed team.What's in it for you?Join an ambitious tech company reshaping the way people build digital experiencesFull-time employees receive Stock Options for the opportunity to share in the success of our companyComprehensive healthcare package health/dental/vision care package covering 100% of monthly health premiums for employees and 85% of costs for your dependents. Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.We valueWork-Life balanceandYou Time!A generous amount of paid time off, including vacation days, sick days, education days, compassion days for loss, and volunteer daysCompany paid parental leaveto care for and focus on your growing family Use your personal annual education budget to improve your skills and grow in your careerEnjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties An annual wellbeing stipend to care for your physical, financial, or emotional healthA monthly communication phone/internet stipend and phone hardware upgrade reimbursement.New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.#LI-Remote
