Wayfair is the online leader for home furnishings and decor. Through technology and innovation, wayfair makes it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 8 million items across home furnishings, décor, home improvement, housewares and more.
wayfair is growing our security operations center and we’re looking for a talented cybersecurity operations analyst to join and help grow our team. Our security operations team is tasked with monitoring and protecting wayfair from an ever growing number of security risks, and finding new and creative ways to do so. We have a strong focus on engineering and innovation, and are seeking individuals who love to find new problems and hate fixing the same problem twice.
*what you’ll need*
- 5+years experience working in cyber security operations
- experience with enterprise incident detection and response for on premise and cloud environments
- strong working knowledge of threat actors tactics techniques and procedures (ttps), and the ability to prioritize detection for the environment/company.
- experience developing soc processes and procedures following industry best practices for both enterprise and cloud environments
- strong working knowledge of linux and windows, and how to detect threats on these systems at scale
- implement detection acceptance criteria to minimize alert fatigue, and to guide use case development
- assist developing and implementing key results, metrics and measurements to ensure a high standard
- hands on siem experience building yara-l rules, tuning them, and responding to alerts
- experience with scripting languages: python, or powershell
- experience with large scale data warehouse tech - the ability to work with large data sets and write sql for incident response, analysis, and correlation. Preferably experience with google bigquery
- excellent communication skills, especially the ability to communicate cybersecurity threats to technical and non-technical stakeholders
- develop and improve playbooks and processes for detection and response
- expertise leading incident response efforts, in the role of incident commander and/or investigation lead
- expert in hands-on-keyboard analysis and forensics for windows, macos, linux and cloud
- author of python tools to automate and parallelize collection and processing of investigate data, at-scale
- developed metrics reporting pipeline, automated dashboard, monthly reports and review process
*what you’ll do*
- response - follow and improve procedures for incident response and participating in the cybersecurity on call rotation.
technical skills
azure, gcp, elk, crowdstrike falcon, mandiant redline, kali, powershell, python, windows, linux, macos, encase 6/7/8, ftk forensic, soc2, nist csf, iso 27001, mitre att&ck, openioc, yara, yaml, snort, powerforensics, sysmon, security automation, orchestration and response (soar), cuckoo sandbox, virustotal, cyberchef,, regular expressions (regexp), sql, slack, jira, servicenow, jupyter notebooks, threat modeling
tipo de puesto: tiempo completo
sueldo: $50,000.00 - $70,000.00 al mes
tipo de jornada:
- turno de 8 horas
experiência:
- cybersecurity: 6 años (obligatorio)
- siem solutions: 4 años (obligatorio)
- cloud technologies: 3 años (obligatorio)
- yara: 2 años (deseable)
idioma:
- inglés avanzado (obligatorio)
lugar de trabajo: empleo remoto