Incident Response Lead

United States

Contentful

Business moves faster when teams producing content have a platform that empowers them to collaborate, innovate, and deliver impactful experiences at scale.

View company page

About the opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Staff Security Analyst with experience performing analysis and incident management of information security events, as well as experience contributing directly to the growth of and design of a security program. As a staff security analyst, you will have daily alert investigation and incident response responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect?

  • Play an active role in scaling operation practices by contributing to team roadmaps.
  • Use modern engineering practices to achieve data driven goals.
  • Perform daily alert investigation and response in a cloud-native and traditional environment.
  • Investigate and lead teams responding to incidents of varying sizes and complexities.
  • Facilitate incident training, including table table-top exercises.
  • Create processes, documentation, and runbooks to support a growing team.
  • Lead and refine detection engineering, including the creation and upkeep of threat detections.
  • Collaborate on threat models by incorporating detection use cases into designs.
  • Drive continuous improvement across all aspects of threat detection and response.
  • Identify systemic issues and collaborate on approaches to address root causes.
  • Opportunity to compose high-quality incident and threat reports for executives.
  • Provide insights and input on tool selection to help grow our cybersecurity portfolio.
  • Ensure all end users receive delightful and informative interactions with Security.

What you need to be successful?

  • 6+ years experience in security operations, including alert triage and investigation
  • 4+ years conducting large scale incident response activities
  • 2+ years leading or coordinating incident response activities 
  • Ability to support occasional off-hours incident response efforts
  • Expertise in attacker techniques in cloud-native and traditional environments.
  • Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
  • Expertise in AWS audit and security services to investigate cloud centric threats
  • Expert usage, data onboarding, and data administration within Splunk
  • Mastery of investigation methods and capable of handling complex and ambiguous cases
  • Practical experience with cross-platform and hybrid environment investigations
  • Ability to perform detailed host analysis on Mac, Windows, & Linux systems
  • Proficient in correlating patterns across assets and environments to support investigation.
  • Incident lifecycle master with ability to cohesively manage simultaneous workstreams
  • Ability to make tactical and fundamental recommendations to improve security
  • Ability to design large-scale threat detection using diverse technologies and data sets
  • Skilled in evaluating quantitative and qualitative effectiveness of security measures
  • Familiarity with modern engineering and detection engineering practices
  • Passion for solving complex security problems in innovative and scalable ways
  • A drive for change through continuous improvement
  • Capable of working independently but possesses a collaborative mindset
  • Ability to work in a fast-paced environment, often juggling multiple projects
  • Experience working independently and as part of a team

What's in it for you?

  • Join an ambitious tech company reshaping the way people build digital experiences
  • Full-time employees receive Stock Options for the opportunity to share ownership and the success of our company
  • Comprehensive health/dental/vision care package covering 100% of monthly  premiums for employees
  • We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, education days, and volunteer days
  • 6 weeks of paid parental leave to care for and focus on your growing family
  • Use your personal education budget to improve your skills and grow in your career
  • Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
  • Use your physical fitness budget to get away from your desk and support your physical wellness
  • A monthly phone/internet stipend and phone upgrade reimbursement after 2 years
  • New hire office equipment stipend. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. 

#LI-Remote #LI-JE1

Who are we?

Contentful is the intelligent composable content platform that unlocks all of an organization’s digital content to deliver impactful customer experiences, making content a strategic business asset. The Contentful Platform, Contentful Studio, and the Contentful Ecosystem combine the flexibility of composable content with the intelligence of AI, empowering digital teams to drive business momentum through collaboration, speed, and scale. Contentful powers innovative content experiences across brands, regions, and channels for organizations around the world, including nearly 30% of the Fortune 500. Nearly 800 people from more than 70 nations contribute their energy and creativity to Contentful, working from hubs in Berlin, Denver and distributed around the world.

Everyone is welcome here!

“Everyone is welcome here” is a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical [dis]ability, or length of time spent unemployed. We invite you to apply and join us!

If you need reasonable accommodations at any point during the application or interview process, please let your recruiting coordinator know.

Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites, fake email addresses claiming to be from our company, or social media. We do not ask for your personal information such as bank account numbers, identification numbers, etc through social media or chat-based apps, nor do we request or send money for the purchase of business equipment. If you suspect fraud, please report it to your local authorities, as well as reaching out to us at security-esk@contentful.com with any information you may have.

By clicking “Apply for this job,” I acknowledge that I have read the “Contentful’s Candidate Privacy Notice”, and hereby consent to the collection, processing, use, and storage of my personal information as described therein.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Antivirus AWS Cloud DevOps EDR Incident response Linux Privacy Splunk Threat detection Windows

Perks/benefits: Career development Equity Fitness / gym Gear Health care Home office stipend Parental leave Startup environment Team events Wellness

Regions: Remote/Anywhere North America
Country: United States
Job stats:  19  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.