Lead SOC Analyst

With the explosion of information and data online, search has never been more important. However, while the world of consumer search has innovated over time, enterprise search has not. In fact, the majority of enterprise search is powered by outdated keyword technology that only scans for keywords and delivers a list of hyperlinks rather than actually answering questions. Yext, the AI Search Company, offers a modern, AI-powered Answers Platform that understands natural language so that when people ask questions about a business online they get direct answers – not links.

We have a big, audacious mission to transform the enterprise with AI search. To achieve that, we need bright minds and diverse perspectives to join our growing company and help us continue to disrupt an industry. Does this sound like you?

Yext is actively seeking a Lead Engineer for the Security Operations Center (SOC) division reporting into the Cyber Security Office. This role will serve as a technical and business subject matter expert in various key areas relating to IT and Cloud security posture and Cyber Security Incident Response operations across the organization. This role will enable the product, engineering, IT and security teams to make the right security & privacy decisions by performing environment-based assessments and providing guidance around security incident operations and escalation protocols, all the while recommending best practices. In this role you will also assist other Cyber Security leaders in driving a culture of awareness within Yext, promote Security best practices and support compliance initiatives.

What You'll Do

• Drive the maturity of the Incident Response Program by identifying gaps and developing optimized solutions.
• Build and manage a business plan to drive operational resiliency for Yext.
• Develop and implement a metrics driven technical roadmap that will define the maturity of Security Operations.
• Architect, design, and support the implementation of system logging and SIEM ingestion channels.
• Act as the technical subject matter expert for performing threat modeling exercises identifying gaps in detection capabilities.
• Create and manage cybersecurity playbooks ensuring alignment with new and existing policies and standards.
• Manage Incident management practice and triage of security incidents and drive them to response and recovery.
• Support and assist with Business Continuity and Disaster Recovery exercises.
• Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence.
• Provide administrative direction and support for daily operational activities.
• Ensure SLA compliances, process adherence, process improvement to meet operational objectives.
• Providing CISO/Senior Management with a realistic overview of risks and threats in the enterprise environment.

What You Have

• In-depth understanding of Secure design principles and technical architecture using AWS, GCP and On premise environments.
• Experience in designing, implementing and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.
• Understanding of IaC concepts and assessing the gaps thereof.
• In-depth knowledge of modern security concepts and how to apply them.
• Understanding of Linux, bonus points for experience with HashiCorp Nomad.
• Experience with FedRAMP, ISO27k and SOC2 is a plus.
• Required hands-on experience responding to security incidents and leading Incident Response operations.
• Practical knowledge of threat landscape evaluation, common attacker techniques and mitigations using the MITRE ATT&CK framework.
• Demonstrable record of delivering critical security solutions across multiple stakeholder groups with complex priorities.
• 5-7 years of relevant work experience in Security Operations, IT Security or Security Engineering teams.
• Experience in DFIR, building tabletop scenarios, and ability to mentor junior engineers.
• Self-motivated team player that is energetic, with excellent interpersonal and organizational skills.
• Experience presenting to development and architecture teams on security recommendations.
• Experience in managing and maintaining relationships between Yext, vendors, and customers.

In today's dynamic threat environment, software firms are increasingly acknowledged as a highly-targeted industry for cyberattack due to the confidentiality and sensitivity of customer data, as well as the immediacy in which that data is needed to perform their operational duties. Given Yext’s vital role within the software ecosystem, protection of data is paramount in ensuring high-trust relationships with customers, partners and vendors.

Perks and Benefits

YEXT takes great pride in its diverse workforce and we go length and breadth to ensure we have a highly engaged and connected working environment. We have a big, audacious mission to transform the enterprise with AI search. To achieve that, we need a global team made up of the brightest innovators, visionary thought leaders, and enthusiastic collaborators who care about making a difference in the world while building an amazing culture in the process.

We follow an annual performance appraisal policy and include a great bonus model in our pay structure. We believe that people do their best when they feel their best — and in order to feel their best, they must be well informed, fuelled, and rested. To ensure our employees are at their best, we provide the following perks.

1. Attractive Bonus and Stock options for eligible positions
2. A whole suite of best in class leave bouquet: Paid Time Off , Maternity leave, Paternity leave, Sick leave, Casual Leaves, National Holidays  etc.
3. Medical insurance benefits of 5L covering parents (including COVID hospitalization)
4. Relocation benefits
5. World class office infrastructure with Gaming rooms, plush pantry and Break out areas. 

#LI-RK2