StubHub (an eBay company) is looking for a highly motivated and experienced CSA Cyber Security Analyst to join the StubHub Global SNOC team to take on the problems of tomorrow while continuing to build and secure the foundation of today.
We need you to be a Security Engineer who is hands-on with technology in researching, crafting, and implementing capabilities and defenses to secure and protect StubHub’s critical assets and fans’ data.
As a Cyber Security Analyst
- Develop, recommend, evaluate, integrate, deploy, and maintain security tools including static and dynamic analyzers, security frameworks.
- Develop and maintain security utilities and metrics dashboards that help the team track and report on compliance.
- Evaluate software security products and technologies, as required.
- Configure and set up alerts on all the SOC security tools.
- Ability to deep dive into data and analyze for security and fraud anomalies.
- Strong knowledge of threat modeling at Application level is required.
- You would be expected to conduct web security assessments and handle vulnerability remediation of applications and web services.
- Ability to determine risk based on context.
- About 1-2 years of related hands-on security product development experience (Java, Python, JS) with web applications.
- Ability to clearly articulate issues and communicate in an effective and personable manner.
- Ability to adjust quickly to the security needs of a highly agile organization.
- Lead threat modeling, mitigation discovery, and manual/automated verification of mitigations.
- Develop recommendations/plans to mitigate issues found during monitoring.
- Participate in incident response and forensics.
- Build tools and infrastructure for automating incident response.
- Triage internal security events, responding or escalating as needed.
- Monitor external information sources for new security developments & advisories.
- Maintain StubHub’s vulnerability management infrastructure and track remediation measures.
- Participate in setting all required alerts to validate compliance with PCI & SOC.
- Participate in external audits of StubHub’s security (pen testing, etc.).
- The global nature of StubHub’s business and the 24/7 nature of security threats will require a flexible schedule.
Skills and Experience
- 1-2 years of information security experience, preferably in ecommerce services or another highly regulated industry such as finance, with a B.S. in Computer Science.
- 1-2 years of experience in a 24 x 7 Security Operations Center for a large-scale Internet web site, monitoring and managing production UNIX (Solaris) / Linux / Windows systems.
- Experience responding to security questions and incidents from end users.
- Experience in security best practices for Windows desktops and servers, Linux servers, and network devices.
- Experience in Python or another scripting language, and the ability to automate repetitive tasks. This is Required.
- Understanding of TCP/IP protocol suite and the ability to capture and analyze network traffic streams.
- Experience with a variety of open source and commercial security monitoring and testing tools such as nmap, RevealX - ExtraHop, SIEM (Splunk ES), IDS/IPS, anti-malware, and Web filtering is a MUST.
- Experience with Distil, Akamai, Imperva DAM, Red Seal, ThousandEyes, Recorded Future, and ServiceNow is a MUST.
- Experience with Qualys. Need to own the scan process end to end.
- Experience with Puppet. Need to own part of the patching process during the night shift.
- Analyze a variety of network and host-based security logs (Splunk ES, Distil, Akamai WAF etc.) to determine the correct remediation actions and escalation paths for each incident.
- Manage the Security monitoring tools, set up dashboards and alerts.
- Strong knowledge of and experience with VMware & Cloud (prefer GCP).
- Monitor and analyze data flow to identify and block malicious behavior and activities.
- Work as part of a team to ensure the stability, availability, and performance of the StubHub environment, which includes networks, monitoring, JIRA tickets, security, change management, account management and responding to issues.
- Work with the T&S team to identify fraud and set up scripts and alerts.
Qualities we are seeking
- A passionate, innovative, creative, motivated security generalist eager to participate in and continuously learn about multiple aspects of security.
- Ability to take a project and run with it – a strong work ethic, organizational skills, perseverance, and the ability to utilize research tools to solve problems – as well as the ability to recognize when it is time to ask for help in surmounting an obstacle.
- Strong written and oral communications skills and the ability to explain security concepts to people of varying levels of security sophistication.
- Strong organizational skills – the ability to prioritize and manage multiple work streams.
- Willingness to get one’s hands dirty and deal with some of the less glamorous aspects of security – processes, procedures, and App security.
- Excellent analytical and problem-solving skills.
- Ability to work under pressure with a calm demeanor.
- Must have a flexible schedule and work based on operational needs.
- Education: B.S. in Computer Science