Security Analyst; Blue DART Team

Overview

As our Cyber Security Incident Response Team (CSIRT) for our Seattle office, you will be part of our Blue Team. You must have a calm and collected demeanor in high-pressure, time-sensitive situations, think like both an attacker and defender, and work with relevant teams to analyze, respond and neutralize attacks.

The Blue Team is responsible for the detection and response to credible threats. We develop detective capabilities, identify mitigations to vulnerabilities, and respond to potential threats to Coupang systems. CSIRT Engineers are prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis.

The Senior Security Engineer position requires experienced CSIRT personnel with expert working knowledge in incident response, investigation and threat hunting techniques, root-cause analysis, and the ability to quickly assess potential cyber threats. Security Engineers are expected to develop elegant solutions to complex problems and apply appropriate technologies while following security engineering best practices.

• Analyze and respond to security anomalies, intrusion attempts, and breaches; perform root-cause analysis, containment, and reporting.
• Threat hunting to uncover undetected threats using data from endpoints, servers, cloud environments, networks, and other sources.
• Review tickets and perform security analysis escalated from SOC.
• Improve incident response policies and SOC processes; analyze and respond to Web security events by CDN solutions (e.g., Akamai, Cloudflare).
• Analyze and respond to Email Security events.
• On-call participation to respond to urgent security events or issues.
• Collaborate effectively with internal teams through clear communication.

• Bachelor's Degree in Computer Science or a related technical field, or equivalent professional experience.
• 4 years of experience in information security with experience in Cyber Security Incident Analysis.

• 12+ years of experience in information security with at least 8+ years as a Cyber Security Incident Analyst.
• Experience with host-based security investigations (Windows, Linux, network/security appliances).
• Experience analyzing security events in AWS or other cloud environments.
• Experience analyzing events from web security solutions (Akamai, Cloudflare).
• Experience analyzing events from network security and SaaS solutions (IPS/IDS, network monitoring, Email Security, O365, etc.).
• Experience analyzing events from endpoint security solutions (EDR, HIPS, antivirus, DLP).
• Experience querying SIEM solutions to analyze security events from logs.
• Ability to analyze large data sets or large log volumes.
• Automation and scripting skills (Bash, Python, Power Shell).
• Proactive work attitude.

Base pay range: $138,000/yr - $297,000/yr. Pay is based on market location and job-related knowledge, skills, and experience.

• Flexible Spending Accounts (FSA) & Health Savings Account (HSA)
• Long-term/Short-term Disability
• Employee Assistance Program (EAP)
• 401K Plan with Company Match
• 18-21 days of Paid Time Off (PTO) per year based on tenure
• 12 Paid Holidays
• Paid Parental leave
• MTV - [Free] Electric Car Charging Station

Other compensation includes bonuses, equity, or other forms of compensation offered in addition to base salary.

Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender (including pregnancy, gender identity, gender expression, sexual orientation, transgender status), national origin, age, disability, medical condition, HIV/AIDS or Hepatitis C status, marital status, military or veteran status, use of a service animal, political activities, or affiliations, citizenship, or any other characteristic protected by law.

If you need assistance and/or reasonable accommodation in the recruiting process due to a disability, please contact us at

Requisition # R0064933