About the Opportunity
Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.
We are looking for a committed and driven Security Analyst with experience performing analysis and incident management of information security events. As an analyst, you will have daily alert investigation responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security Operations program. Candidates should be skilled in detection management and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.
You will be expected to work independently, work as a part of a team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.
What to expect?
- Perform daily alert investigation and response in a hybrid environment.
- Collaborate with the team and actively assist in major response exercises.
- Conduct detail-oriented analysis across challenging and complex ecosystems.
- Be capable of reporting or summarizing your findings to a broad audience.
- Create processes, documentation, and runbooks to support a rapidly growing organization.
- Take ownership of tuning, refinement, and development of detection use cases.
- Drive continuous improvement across all aspects of threat detection and response.
- Identify systemic issues and collaborate on approaches to address root causes.
- Play an active role in scaling Operation practices by contributing to team roadmaps.
- Provide delightful and informative interactions with all end users.
- Proactively identify opportunities for user training and awareness programs.
- Collaborate on threat models by incorporating detection use cases into designs.
- Assist in the creation of requirements and testing of security solutions.
What you need to be successful
- 3+ years of Security Operations or Incident Response experience.
- Proficiency in analysis methods (e.g., log analysis, live response, forensics, etc.)
- Firm understanding of the evolving attacker Tactics, Techniques, and Procedures.
- Strong network fundamentals (e.g., TCP/IP, Layer 7 protocols, etc.)
- Ability to perform detailed host analysis on Mac, Windows, & Linux systems.
- Familiarity analyzing Software-as-a-Service log sources to support investigations.
- Practical experience using security technologies (e.g., SIEM, EDR, AntiVirus, Email, etc.)
- Exposure using Splunk in support of alert investigation across multiple data sources.
- Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)
- Hands-on experience with malware analysis using dynamic and static analysis tools.
- Practical mindset to balance business needs with security requirements.
- Ability to drive change through continuous improvement.
- Capable of working independently and collaboratively as a team.
- Comfortable working with a geographically dispersed team.
What’s in it for you?
- Join an ambitious tech company reshaping the way people build digital experiences
- Full-time employees receive Stock Options for the opportunity to share in the success of our company
- Comprehensive healthcare package health/dental/vision care package covering 100% of monthly health premiums for employees and 85% of costs for your dependents.
- Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
- We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, education days, compassion days for loss, and volunteer days
- Company paid parental leave to care for and focus on your growing family
- Use your personal annual education budget to improve your skills and grow in your career
- Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties
- An annual wellbeing stipend to care for your physical, financial, or emotional health
- A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
- New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.
#LI-Remote
Who are we?
Contentful is the intelligent composable content platform that unlocks all of an organization’s digital content to deliver impactful customer experiences, making content a strategic business asset. The Contentful Platform, Contentful Studio, and the Contentful Ecosystem combine the flexibility of composable content with the intelligence of AI, empowering digital teams to drive business momentum through collaboration, speed, and scale. Contentful powers innovative content experiences across brands, regions, and channels for organizations around the world, including nearly 30% of the Fortune 500. Nearly 800 people from more than 70 nations contribute their energy and creativity to Contentful, working from hubs in Berlin, Denver and distributed around the world.
Everyone is welcome here!
“Everyone is welcome here” is a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical [dis]ability, or length of time spent unemployed. We invite you to apply and join us!
If you need reasonable accommodations at any point during the application or interview process, please let your recruiting coordinator know.
Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites, fake email addresses claiming to be from our company, or social media. We do not ask for your personal information such as bank account numbers, identification numbers, etc through social media or chat-based apps, nor do we request or send money for the purchase of business equipment. If you suspect fraud, please report it to your local authorities, as well as reaching out to us at security-esk@contentful.com with any information you may have.
By clicking “Apply for this job,” I acknowledge that I have read the “Contentful’s Candidate Privacy Notice”, and hereby consent to the collection, processing, use, and storage of my personal information as described therein.