Security Analyst

About the opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that IT Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Analyst with experience performing analysis and incident management of information security events. As an analyst, you will have daily alert investigation responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security Operations program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect?

• Perform daily alert investigation and response in a hybrid environment
• Collaborate with the team and actively assist in major response exercises
• Conduct detail-oriented analysis across challenging and complex ecosystems
• Drive continuous improvement across all aspects of threat detection and response
• Take ownership of tuning, refinement, and development of detection use cases 
• Play an active role in scaling Operation practices by contributing to team roadmaps
• Identify systemic issues and collaborate on approaches to address root causes
• Create processes, documentation, and runbooks to support a rapidly growing team
• Provide delightful and informative interactions with all end users
• Proactively identify opportunities for user training and awareness programs
• Collaborate on threat models by incorporating detection use cases into designs
• Assist in the creation of requirements and testing of security solutions
• Help with the triage, remediation, and growth of vulnerability management

What you need to be successful?

• 3+ years of Security Operations or Incident Response experience
• Mastery of investigation approaches and methods
• Hands-on experience using security technologies (e.g., SIEM, EDR, AntiVirus, etc.)
• Proficiency in analysis fundamentals (e.g., log analysis, live response, forensics, etc.)
• Strong technology fundamentals (e.g., OSI Model, TCP/IP, Layer 7 protocols , etc.)
• Practical experience with cross-platform and hybrid environment investigations
• Ability to perform detailed host analysis on Mac, Windows, & Linux systems
• Expertise in AWS audit and security services to investigate cloud centric threats
• Firm understanding of attacker Tactics, Techniques, and Procedures
• Ability to interpret designs and enumerate actionable detection use cases
• Passion for solving complex security problems in innovative and scalable ways
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Ability to work in a fast-paced environment, often juggling multiple projects

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital product
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive health/dental/vision care package covering 100% of monthly  premiums for employees 
• We value Work-Life balance and You Time! A generous combination of a flexible time off policy, volunteer time off and paid holidays 
• 16 weeks of paid parental leave (after 6 months of employment)
• Use your personal education budget to improve your skills and grow in your career. 
• Enjoy a full range of virtual events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• Share and navigate the excitement of a new workplace with your CFF (Contentful First Friend) 
• Commuter benefits and monthly bill stipend 
• Plus, Contentful socks! And other amazing swag as part of company events. Oh yeah!

Who are we?

Contentful is the leading content platform that powers digital experiences for over 30% of the Fortune 500 companies and thousands of global brands. Our platform unifies content in a single hub, structures it for use in any digital channel and integrates seamlessly with hundreds of tools through open APIs. It lets developers and content creators work in parallel, increasing team efficiency and happiness. Companies such as Shopify, Staples, Atlassian, Electronic Arts, Chanel, Roche, Vodafone use Contentful to build their mobile and web products, voice-controlled apps and more. 

We’re growing rapidly and we have secured over $330 million in funding from top-tier partners such as Tiger Global, Sapphire Ventures, Salesforce Ventures, General Catalyst and Benchmark.

More than 750 people from 70 nations contribute their energy and creativity to Contentful, working from hubs in Berlin, San Francisco, Denver and distributed around the world.

Everyone is welcome here!

“Everyone is welcome here” is a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical [dis]ability, or length of time spent unemployed. We invite you to apply and join us!

If you need reasonable accommodations at any point during the application or interview process, please let your recruiting coordinator know.

Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites, fake email addresses claiming to be from our company, or social media. We do not ask for your personal information such as bank account numbers, identification numbers, etc through social media or chat-based apps, nor do we request or send money for the purchase of business equipment. If you suspect fraud, please report it to your local authorities, as well as reaching out to us at security@contentful.com with any information you may have.

By clicking “Apply for this job,” I acknowledge that I have read the “Contentful’s Candidate Privacy Notice”, and hereby consent to the collection, processing, use, and storage of my personal information as described therein.