Security Engineer - Incident Response
About The Position
Peloton Interactive, Inc. seeks a Security Engineer - Incident Response in New York City, NY. This role directly supports Peloton’s Security Program by conducting in-depth research and strategic analysis of intelligence data from various sources to leverage in threat hunting. The engineer will stay up-to-date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats. They will provide intel-driven insights into existing and emerging threats and use these insights to search the Peloton enterprise for anomalous and/or malicious activity. Collaboration with Security Engineering and the Security Operations Center is key for baselining user behaviors and events, as well as building new detections and response workflows. The role involves providing triage support for incident response and investigation efforts as part of Peloton’s Security and Operations team and other internal teams. Recommendations and building of countermeasures based on threat analysis, intelligence, and forecasting are expected. The engineer will also develop, implement, and maintain security incident playbooks/runbooks. Preparation and presentation of analysis with findings and recommendations in the form of briefings, reports, and dashboards to managers, various team leads, and senior leadership are required.
Requirements
- Master’s degree (or its foreign degree equivalent) in Computer Science, Informatics, Computer and Information Technology, Engineering (any field), or a related quantitative discipline.
- Three (3) years of experience in the job offered or in any occupation in a related field.
- One year of experience in Cloud Workload protection.
- One year of experience in Cloud Native application protection platform.
- One year of experience in Cloud Security Posture Management.
- One year of experience in Threat modeling.
- One year of experience with OWASP top 10.
- One year of experience with BURP Suite.
- One year of experience with SAST.
- One year of experience with Software Composition Analysis.
- One year of experience in API Security.
- One year of experience in code reviews.
- One year of experience in Kubernetes Security.
- One year of experience with Web Application Firewall (WAF).
- One year of experience with ELK Stack.
- One year of experience with Splunk.
Responsibilities
- Directly support Peloton’s Security Program while conducting in-depth research and strategic analysis of intelligence data from various sources to leverage in threat hunting.
- Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats.
- Provide intel-driven insights into existing and emerging threats, use insights to search Peloton enterprise for activity that is anomalous and/or malicious.
- Work with Security Engineering and the Security Operations Center to baseline user behaviors and events as well as build out new detections and response workflows.
- Provide triage support for incident response and investigation efforts as part of Peloton’s Security and Operations team and other internal teams.
- Recommend and build countermeasures based on threat analysis, intelligence, and forecasting.
- Develop, implement, and maintain security incident playbooks/runbooks.
- Prepare and present analysis with findings and recommendations in the form of briefings, reports, and dashboards to managers, various team leads and senior leadership as required.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
