Incident Response Analyst
Who we are and what we do
SurveyMonkey (Nasdaq: SVMK), is a leader in agile software solutions for customer experience, market research, and survey feedback. Our platform empowers more than 20 million active users to analyze and act on feedback from employees, customers, website and app users, and market research respondents. SurveyMonkey's products, enterprise solutions, and integrations enable more than 345,000 organizations to deliver better customer experiences, increase employee retention , and unlock growth and innovation. Ultimately, SurveyMonkey's vision is to raise the bar for human experiences by amplifying individual voices.
As an Incident Response (IR) Lead, you will be a hands-on incident responder investigating cases involving cloud, traditional on-premises infrastructure/components, and hybrid environments. When not participating in an incident, you will be threat hunting. Because of the nature of IR, we are looking for someone who is technically proficient and can effectively communicate with leadership, managers and individual contributors during an IR situation. You will also oversee the strategic direction of the IR function, working with the Privacy and Legal teams. This role will report to the Senior Manager, Security Ops.
- Manage investigations including organizing unstructured work and engaging resources across the company.
- Manage urgency and visibility to ensure timely response by all involved parties.
- Conduct IR analysis, network log and network PCAP analysis, and other investigation related activities to support IR.
- Respond to important incidents, threats, vulnerabilities and bringing these issues to resolution.
- Communicate/coordinate with internal and 3rd party teams during high severity incidents.
- Orchestrate and conduct table-top exercises.
- Develop incident playbooks and repeatable methods for managing and responding to malicious activities across networks, systems, and products.
- Design, and implement IR processes, procedures, guidelines, and solutions.
- Provide technical and executive level reports on IR issues.
- Work together with the Cyber Defense and Cyber Detect teams.
- Forensically analyze end user systems and servers found to have possible indicators of compromise.
- Identify security incidents through threat hunting operations within a SIEM and other relevant tools.
- 3+ years hands-on working in Cyber incident analysis or response in medium to large organizations with cloud and forensics components.
- In-depth experience with all facets of IR.
- Solid experience applying all facets of IR to on-prem and cloud environments.
- Threat hunting experience with Python, SIEM, and EDR solutions.
- Organize collaboration across multiple teams, departments, and levels.
- Familiarity with SOAR (Security Orchestration, Automation and Response) software with an emphasis on building complex playbooks for automating routine incidents.
What we offer our employees
SurveyMonkey is a place where the curious come to grow. By embedding inclusion into our processes, policies, and culture for our 1,000+ employees across North America, Europe, and APAC, we're building a workplace where people of every background can thrive. We've won multiple awards and received recognition for our forward-looking policies, including extended parental and bereavement leave, vendor benefits standards, and Take 4 sabbaticals.
SurveyMonkey was recognized by Great Place to Work® and FORTUNE as a top workplace in 2018 and 2019, and the company has also won numerous awards as a leader in global survey software, including being named among CNBC's Disruptor 50 and the Forbes Cloud 100.
Our commitment to an inclusive workplace
SurveyMonkey is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodations are available for applicants with disabilities.
Learn more about our diversity, equity, and inclusion efforts here