Security Analyst - Workrise Austin, Texas, United States Bookmark Share Print 122 0 0

Listing Description

Workrise is hiring a Senior Security Analyst that will be responsible for the day-to-day analysis of security threats, vulnerabilities, and detections. Our ideal candidate for this role will be someone who has a passion for proactive security, seeks understanding through data, and can engage a variety of stakeholders across the Workrise enterprise.   


 


This role will report to the Director of Security Engineering.


 


What you’ll be doing:


The Security Analyst is a dynamic role that requires strong analytical skills, scripting skills (we leverage python for detections), a solid offensive security mindset, ability to tell stories with data, and ability to take a heuristic approach to vulnerability management. Some of they day to day include:


 



  • Bug Bounty Program Triage - You will be responsible for triaging and reproducing reports that come in from our Bug Bounty and Vulnerability Management programs.

  • SIEM Detection & Response - You will be responsible for creating and running playbooks for critical alerts

  • Vulnerability Management - Security tools are inherently noisy, you will be responsible for assessing vulnerability priorities and tuning vulnerability management heuristics.

  • Incident Response - You will start and lead security investigations, determine indicators of compromise and bring in stakeholders for awareness.

  • Data mining & report building - Because we are a data-minded organization, you will tell stories with data and build interactive dashboards (Tableau, Google Data Studio, Juypter)

  • Creating & tuning SIEM detections - You will help create and tune detections to reduce signal to noise, and surface critical and actionable events.

  • Collaboration  - You won’t do any of this in a vacuum. You will have a team of Security Engineers, Privacy Officers, and an organization that will support you in these efforts by building best-in-class security solutions to give your work the ultimate impact.






Essential Job Functions:


 



  • Data, data, data. You will need to have demonstrated analytic experience and ability to generate metrics and insights across logs and multiple disparate data sets.

  • Solid experience with SQL. Doing mental pivot tables and joins should come easily for you.

  • Solid scripting experience. Experience in a scripting language for scraping, data analysis, small web apps, and a willingness to learn Python if it is not your primary scripting language.

  • Data Visualization - You experience being able to create visualizations (time series, stacked bar, etc) and tell a story with it. You have created self-service dashboards for other colleagues to consume.

  • Some exposure to vulnerability scoring and management (CVSS, EPSS)

  • Understanding of CVE, CWE and how to read and interpret them for business context. 

  • Understanding the OWASP Top 10 and experiencing seeing them in the wild.

  • Experience working with a client-side proxy tool such as Burp or ZAP Proxy.

  • Excellent written communication and ability to summarize complex information for non-technical audiences.

  • Experience with vulnerability management for SAST tools like SonarCloud, GitHub Advanced Security, Snyk.

  • Any experience with cloud security, identity lifecycle management, IAM, patch management is good to have.

  • Experience working in early or late stage start-ups is helpful.


Experience and Education Requirements:



  • Bachelor's degree in a program with a technical or mathematics focus. 

  • 2-3 years working in a Security setting such as a SOC.

  • 3-5 years professional IT, Software Engineering and/or Security experience.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765