About the OpportunityContentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.We are looking for a committed and driven Security Analyst with experience performing analysis and incident management of information security events. As an analyst, you will have daily alert investigation responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security Operations program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.What to expect? Perform daily alert investigation and response in a hybrid environment.Collaborate with the team and actively assist in major response exercises.Conduct detail-oriented analysis across challenging and complex ecosystems.Be capable of reporting or summarizing your findings to a broad audience.Create processes, documentation, and runbooks to support a rapidly growing organization.Take ownership of tuning, refinement, and development of detection use cases.Drive continuous improvement across all aspects of threat detection and response.Identify systemic issues and collaborate on approaches to address root causes.Play an active role in scaling Operation practices by contributing to team roadmaps.Provide delightful and informative interactions with all end users.Proactively identify opportunities for user training and awareness programs.Collaborate on threat models by incorporating detection use cases into designs.Assist in the creation of requirements and testing of security solutions.What you need to be successful3+ years of Security Operations or Incident Response experience.Proficiency in analysis methods (e.g., log analysis, live response, forensics, etc.)Firm understanding of the evolving attacker Tactics, Techniques, and Procedures.Strong network fundamentals (e.g., TCP/IP, Layer 7 protocols, etc.)Ability to perform detailed host analysis on Mac, Windows, & Linux systems.Familiarity analyzing Software-as-a-Service log sources to support investigations.Practical experience using security technologies (e.g., SIEM, EDR, AntiVirus, Email, etc.)Exposure using Splunk in support of alert investigation across multiple data sources.Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)Hands-on experience with malware analysis using dynamic and static analysis tools.Practical mindset to balance business needs with security requirements.Ability to drive change through continuous improvement.Capable of working independently and collaboratively as a team.Comfortable working with a geographically dispersed team.What's in it for you?Join an ambitious tech company reshaping the way people build digital experiencesFull-time employees receive Stock Options for the opportunity to share ownership and the success of our companyWe valueWork-Life balanceandYou Time!A generous amount of paid time off, including vacation days, education days, and volunteer daysAccess to our Employee Assistance Program (EAP) for information, support, discussion, and counseling for life's challengesUse your personal education budget to improve your skills and grow in your career. Use your physical fitness budget to get away from your desk and support your physical wellnessEnjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties A monthly phone/internet stipend and phone upgrade reimbursement after 2 yearsNew hire office equipment stipend. Get the gear you need to work at your best#LI-Remote
