Incident Response Lead
Contentful
Business moves faster when teams producing content have a platform that empowers them to collaborate, innovate, and deliver impactful experiences at scale.
About the opportunity
Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.
We are looking for a committed and driven Staff Security Analyst with experience performing analysis and incident management of information security events, as well as experience contributing directly to the growth and design of a security program. As a staff security analyst, you will have daily alert investigation and incident response responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communication skills and a continuous desire to learn and grow.
You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.
What to expect?
- Play an active role in scaling operation practices by contributing to team roadmaps.
- Use modern engineering practices to achieve data driven goals.
- Perform daily alert investigation and response in a cloud-native and traditional environment.
- Investigate and lead teams responding to incidents of varying sizes and complexities.
- Facilitate incident training, including table-top exercises.
- Create processes, documentation, and runbooks to support a growing team.
- Lead and refine detection engineering, including the creation and upkeep of threat detections.
- Collaborate on threat models by incorporating detection use cases into designs.
- Drive continuous improvement across all aspects of threat detection and response.
- Identify systemic issues and collaborate on approaches to address root causes.
- Opportunity to compose high-quality incident and threat reports for executives.
- Provide insights and input on tool selection to help grow our cybersecurity portfolio.
- Ensure all end users receive delightful and informative interactions with Security.
What you need to be successful?
- 6+ years experience in security operations, including alert triage and investigation
- 4+ years conducting large scale incident response activities
- 2+ years leading or coordinating incident response activities
- Ability to support occasional off-hours incident response efforts
- Expertise in attacker techniques in cloud-native and traditional environments.
- Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
- Expertise in AWS audit and security services to investigate cloud centric threats
- Expert usage, data onboarding, and data administration within Splunk
- Mastery of investigation methods and capable of handling complex and ambiguous cases
- Practical experience with cross-platform and hybrid environment investigations
- Ability to perform detailed host analysis on Mac, Windows, & Linux systems
- Proficient in correlating patterns across assets and environments to support investigation.
- Incident lifecycle master with ability to cohesively manage simultaneous workstreams
- Ability to make tactical and fundamental recommendations to improve security
- Ability to design large-scale threat detection using diverse technologies and data sets
- Skilled in evaluating quantitative and qualitative effectiveness of security measures
- Familiarity with modern engineering and detection engineering practices
- Passion for solving complex security problems in innovative and scalable ways
- A drive for change through continuous improvement
- Capable of working independently but possesses a collaborative mindset
- Ability to work in a fast-paced environment, often juggling multiple projects
- Experience working independently and as part of a team
What's in it for you?
- Join an ambitious tech company reshaping the way people build digital experiences
- Full-time employees receive Stock Options for the opportunity to share ownership and the success of our company
- Comprehensive health/dental/vision care package covering 100% of monthly premiums for employees
- We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, education days, and volunteer days
- 6 weeks of paid parental leave to care for and focus on your growing family
- Use your personal education budget to improve your skills and grow in your career
- Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties
- Use your physical fitness budget to get away from your desk and support your physical wellness
- A monthly phone/internet stipend and phone upgrade reimbursement after 2 years
- New hire office equipment stipend. Get the gear you need to work at your best.
This role will need to be conducted in a state in which we are currently registered to do business.
Who are we?
Contentful is the intelligent composable content platform that unlocks all of an organization’s digital content to deliver impactful customer experiences, making content a strategic business asset. The Contentful Platform, Contentful Studio, and the Contentful Ecosystem combine the flexibility of composable content with the intelligence of AI, empowering digital teams to drive business momentum through collaboration, speed, and scale. Contentful powers innovative content experiences across brands, regions, and channels for organizations around the world, including nearly 30% of the Fortune 500. Nearly 800 people from more than 70 nations contribute their energy and creativity to Contentful, working from hubs in Berlin, Denver and distributed around the world.
Everyone is welcome here!
“Everyone is welcome here” is a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical [dis]ability, or length of time spent unemployed. We invite you to apply and join us!
If you need reasonable accommodations at any point during the application or interview process, please let your recruiting coordinator know.
Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites, fake email addresses claiming to be from our company, or social media. We do not ask for your personal information such as bank account numbers, identification numbers, etc. through social media or chat-based apps, nor do we request or send money for the purchase of business equipment. If you suspect fraud, please report it to your local authorities, as well as reaching out to us at email@example.com with any information you may have.