Founded in 1999, SurveyMonkey changed the way people gather feedback by making it easy for anyone to create their own online surveys. Today, SurveyMonkey’s mission is to power curious individuals and organizations to measure, benchmark and act on the opinions that drive success. Our People Powered Data platform enables conversations at scale to deliver impactful customer, employee and market insights. The company’s 700+ employees are dedicated to fueling the curiosity of over 16 million active users globally. For more information about SurveyMonkey, please visit surveymonkey.com.
This role is hands-on, carrying the responsibility of running the day-to-day security technologies, technology governance, SIEM, Data Loss Prevention, and key defenses. This also includes developing and delivering security performance and operational metrics.
The ideal candidate will maintain and enhance a consistent and reliable operational security environment and take a proactive security monitoring approach. The candidate must be a highly skilled and technical individual who is able to collaborate cross-functionally to remediate security challenges and has the ability to adapt in a dynamic security landscape.
- Build and maintain tools to proactively monitor and respond to emerging threats
- Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access for both on-premise and cloud infrastructure
- Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity in order to interpret activity and make recommendations for resolution
- Support ongoing security compliance, audit, and certification programs (e.g., PCI, HIPAA, SOC2)
- Manage the critical vulnerability remediation process and drive rapid corrective actions
- Manage the SIEM and supporting incident response processes
- Configuration of AWS services for security including, but not limited to, EC2, S3, Cloudfront, RDS, Route 53, IAM, Cloudtrail, and more
- 5+ years of operations experience, preferably in security or infosec roles
- Demonstrated skill in identifying exploits and vulnerabilities and providing remediation efforts in network and server environments
- Knowledge of emerging threats and ability to stay abreast of developing threats and cyber vulnerabilities, along with skill to communicate to management how these emerging threats may or may not apply to SurveyMonkey
- Knowledge of common compliance frameworks (e.g., PCI, HIPAA)
- Understanding of security within a public cloud environment (e.g., AWS, Azure, GCP)
- Ability to problem-solve and work with others to find the best solution
Nice to Haves
- Application security knowledge
- Experience with programming
- Red/Blue team experience
At SurveyMonkey, we offer competitive salaries, medical/dental benefits, PTO, 401k, paid holidays and parental leave, and equity compensation.
SurveyMonkey is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.