?? WhatnotWhatnot is a livestream shopping platform and marketplace backed by Andreessen Horowitz, Y Combinator, and CapitalG. We're building the future of ecommerce, bringing together community, shopping and entertainment. We are committed to ourvalues, and as a remote-first team, we operate out of hubs within theUS, Canada, UK, Ireland, and Germany today.We're innovating in the fast-paced world of live auctions in categories including sports, fashion, video games, and streetwear. The platform couples rigorous seller vetting with a focus on community to create a welcoming space for buyers and sellers to share their passions with others.And, we're growing. Whatnot has been thefastest growing marketplacein the US over the past two years and we're hiring forward-thinking problem solvers across all functional areas.?? RoleApply comprehensive knowledge and a thorough understanding of Incident Response concepts, principles, and technical capabilitiesCollaborate across Information Security and business partners to ensure effective, precise, and rapid responseAct as the point of escalation from within the Incident Response team to drive all cyber incidentsIdentify new detection opportunities, create playbooks, and support new technology implementations to defend against evolving threatsMaintain awareness and understanding of the current threat landscape. Analyze threat intelligence with the aim to mitigate potential risksReport the overall health of the SOC via metrics, OKRs, and risk indicators to leadershipProvide Incident Response (IR) support when analysis suspects security incidents to help contain and eradicate threats;Perform incident triage, incident response, and forensic investigations across endpoints and cloud environmentsConduct technical examinations of computer-based evidence including logs, packet captures, SIEM & IDS events, disk forensics, malware analysis, and moreDocument incidents from initial detection through final resolution, and present the findingsInvestigate, document, and report on cyber security issuesCreate and continuously improve standard processes, operating procedures, and incident response playbooks?? YouCurious about who thrives at Whatnot? We've found that low ego, a growth mindset, and leaning into action and high impact goes a long way here.As our nextThreat Detection and Response Engineer,you should have a minimum of 5+ years of relevant experience in security, preferably in a large enterprise environment, plus:Bachelor's degree in Computer Science, Information Security, a related field, or equivalent work experience.5+ years' experience in cyber incident response, or a similar cyber field, including experience with security principles, and defense-in-depth techniquesExperience and understanding of security concepts, SOAR(Tines), EDR, NDR and SIEM (Chronicle) technologiesExperience with multiple Cloud Service Providers (AWS, GCP)Excellent written communication skills with the ability to document, communicate, and report security incidents, as well as the status of the implementation and effectiveness of cybersecurity controls with product and business leadersExpected to perform on-call duties??CompensationFor Full-Time (Salary) US-based applicants: $210,000/year to $275,000/year + benefits + stock optionsThe salary range may be inclusive of several levels that would be applicable to the position. Final salary will be based on a number of factors including, level, relevant prior experience, skills and expertise. This range is only inclusive of base salary, not benefits (more details below) or equity in the form of stock options.?? BenefitsFlexible Time off Policy and Company-wide Holidays (including a spring and winter break)Health Insurance options including Medical, Dental, VisionWork From Home Support$1,000 home office setup allowance$150 monthly allowance for cell phone and internetCare benefits$450 monthly allowance on food$500 monthly allowance for wellness$5,000 annual allowance towards Childcare$20,000 lifetime benefit for family planning, such as adoption or fertility expensesRetirement; 401k offering for Traditional and Roth accounts in the US (employer match up to 4% of base salary) and Pension plans internationallyParental Leave16 weeks of paid parental leave + one month gradual return to work *company leave allowances run concurrently with country leave requirements which take precedence.?? EOEWhatnot is proud to be an Equal Opportunity Employer. We value diversity, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, parental status, disability status, or any other status protected by local law. We believe that our work is better and our company culture is improved when we encourage, support, and respect the different skills and experiences represented within our workforce.
