Senior Security Operations Analyst

At Shutterfly, we make life's experiences unforgettable. We believe there is extraordinary power in the self-expression. That's why our family of brands helps customers create products and capture moments that reflect who they uniquely are.

Shutterfly is looking for a Senior Security Operations Analyst to become a key member of our Security Operations Center (SOC) to monitor for malicious activity and act on alerts / detections, as well as investigate, respond (contain / triage / mitigate) and threat hunt. This analyst will collaborate with other members of the team to help simplify, streamline, automate and enhance the overall security capabilities of Shutterfly's Security Operations. This role is highly technical and requires advanced skills in intrusion detection and threat hunting to identify credible risks / adversaries across all Shutterfly's systems. A key to success for this role will be to collaborate with security engineers, developers, and business units to constantly improve the overall security posture at Shutterfly.

How can we apply threat modeling to daily security operations? How can we automate remediation and incorporate human judgement from users at scale? What open-source technology and OSINT can be applied as part of our toolset? If these topics excite you, then this role is for you.

What You'll Do Here :

• Monitor our alert channels, SIEM / SOAR notifications and EDR / IDS / IPS solutions for detections / incidents and threat hunt for malicious activity. Investigate, contain, triage and mitigate as needed; as well as continuously tune rules to reduce false positives.
• Provide incident response and be a key point of contact during all incidents; which includes investigation, correlation, triage, response, mitigation, ticketing, documentation and postmortem analyses. Note Shutterfly's analysts are empowered to work an alert from start to finish, including any containment, investigation and mitigative actions needed.
• Assist in the tuning of EDR / IDS / IPS solutions to improve detection, reduce noise, add IOAs, etc.
• Work with the security engineering team to improve tool usage and workflows, as well mature monitoring and response capabilities. Work with developers on the InfoSec team to build security automation workflows, enrichments and mitigations.
• Evaluate SOC policies and procedures and recommend updates to management where appropriate.
• Grow and mature our threat intelligence program - gather, analyze and assess threat intelligence to report on the current and future threat landscape, and provide a realistic overview of risks and threats in the enterprise environment.
• Enhance our detection capabilities with correlation, situational awareness and intel enrichment.

The Skills You'll Bring :

• Proficient operator of security tools such as end point protection / EDR, SIEM, IPS / IDS, HIDS / NIDS, WAFs, Edge / DNS security, vulnerability scanning, malware analysis tools, networking tool for full packet analysis, data loss prevention (DLP), etc.
• 2+ of the following certifications : CEH, CISM, GIAC, GCIH, GCIA, GSLC, GICSP, GSEC, CEH, GWAP, CompTIA Net+, CompTIA A+, CompTIA Security+, CASP CE, SEC+, Splunk Core, OSCP, etc.
• Linux / Unix OS, Windows and Mac administration skills
• Intimate understanding of technology and be motivated to constantly learn new technologies.
• Strong ability to learn and research new things, including tools, languages, frameworks, etc.
• Excellent verbal and written communication skills
• Collaborative mindset that thrives in fast paced environment

Preferred Qualifications

• Programming / scripting experience (bash, python, PowerShell)
• Forensics or malware analysis experience

Supporting a diverse and inclusive workforce is important to Shutterfly not only because it directly reflects our value of Embracing our Differences, but also because it's the right thing to do for our business and for our people. We welcome all applicants and evaluate them based on their qualifications, without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or other characteristic covered by law. Learn more about our commitment to Diversity, Equity, and Inclusion on our Career Site.

SFLYTechnology

Senior Security Analyst • Tempe, AZ, United States