Security Operations Analyst

Description

Sprout Social is looking to hire a Security Operations Analyst to the Security team.

Why join Sprouts Security team

Security sits at the intersection of empowering teams to move quickly and mitigating risks to our overall business. We are enablers who strive to hone our unique craft and minimize friction or red tape. Our security team ensures that we are designing platforms implementing tools and building products with security in mind. This team owns the security posture of our entire organization including our development production environments and internal concerns. As a part of this team you are given the space and encouraged to stretch beyond your core function and make a deeper impact on the broader organization. In short the work you do here matters and you feel that day in and day out.

What youll do

• Develop and maintain rules for alerts generated from both our cloud native product and employee platforms
• Triage and investigate security alerts reported through SEIM platform with IT solution engineering and security teams
• Identify additional log sources and alerting rules
• Guide support and provide analysis during and after security events following the incident response playbooks
• Integrate with a maturing vulnerability management program to ensure tracking and remediation of security issues.
• Monitor vulnerability sources for infrastructure and application vulnerabilities
• Developmaintain and automate reporting to prioritize vulnerabilities for IT and solution engineering teams which drives remediation efforts
• Collaborate with partners in infrastructure and engineering to measurably harden monitor and ensure resilience for our cloud-hosted platforms and software development lifecycle.
• Use both automated and manual testing tools to find and validate vulnerabilities in infrastructure
• Evolve the security posture by continuously assessing and improving the toolset managed by the security team
• Participate in a security on-call schedule

What youll bring

Were looking for someone who knows more than how to run a scanning tool: youll leverage your knowledge of distributed systems to work and collaborate with engineers and IT staff to increase the protective monitoring reporting and mitigation capabilities of the Security team. As a cloud native company youll be involved in securing our cloud environments and working with SaaS-based tooling. If you are fluent in risk identification and mitigation and stay up to date on the latest security threats and trends in our industry wed love to talk with you!

These are the minimum qualifications that our hiring team is looking for in this role:

• 2 years of information security experience
• Experience in security monitoring incident response and/or vulnerability management
• Understanding of computer networking and systems (compute storage OS -- especially Linux) and their interactions

Additionally these are the preferred qualifications that would indicate a particularly strong candidate:

• Information security qualification such as Security GCIH or GSEC or equivalent
• 2 years of programming experience (Python Shell Go)
• Experience performing and improving security operations (including investigations and incidents) and tooling (SIEM SOAR Scanning toolkits)
• Familiarity with Kubernetes and/or Containers

Within 1 month you will:

• Experience Sprouts in-depth onboarding covering everything from our company mission and values hearing directly from executives and founders to deep training on our products and the value that Sprout delivers to our customers
• Make a plan with your manager to set initial priorities align on expectations for your role plant goalposts for your career and learn about Sprouts approach to security
• Be introduced to Sprouts security stakeholders across the organization
• Learn our existing tooling and begin monitoring the status of our environments
• Collaborate regularly with teammates and members of our infrastructure and development teams and get up to speed on our current and future initiatives
• Get regular team feedback on your approach to managing and engaging our existing risks and security capabilities

Within 3 months you will:

• Work with your manager and teammates to create and prioritize quarterly team goals
• Begin to deconstruct larger security projects into smaller more manageable deliverables
• Start to understand the breadth and depth of technologies and tools under the teams purview
• Review refine and triage alerts triggered from our IDS vulnerability management toolsand other monitoring platforms
• Participate in Security on-call rotation
• Build connections with members from other teams through active networking and community building to help foster a security-first culture

Within 6 months you will:

• Improve the security tooling and telemetry used at Sprout
• Identify security gaps within our systems present plans to mitigate risks and work with teams to get them prioritized within their workstreams
• Generate and improve upon internal and external security policies and standards
• Help drive internal security awareness training and phishing programs
• Regularly evaluate and report security health and recommendations
• Have your first performance conversation with your manager where youll discuss your accomplishments in your role and work together to build goals for your professional growth
• Partner with engineering IT and other teams to continuously improve our ability to deliver reliable and secure services

Within 12 months you will:

• Be a go-to expert and security representative within Sprout
• Help define and build the security roadmap for future work
• Work and effectively communicate with other groups across the organization to ensure big-picture alignment and encourage cross-team collaboration
• Own cross-organizational projects demonstrating project management skills consensus building and strong leadership
• Have opportunities to contribute to in-house technical presentations employee onboarding and workshops that share your expertise with large groups of Sprout employees
• Surprise us! Use your unique ideas and abilities to change Sprout Security in beneficial ways that we havent considered yet

Of course what is outlined above is the ideal timeline but things may shift based on business needs and other projects and tasks could be added at the discretion of your manager.

Our Benefits Program

Were proud to regularly be recognized for our team product and culture. Our benefits program includes:

• Insurance and benefit options that are built for both individuals and families
• Progressive policies to support work/life balance like our flexible paid time off and parental leave program
• High-quality and well-maintained equipmentyour computer will never prevent you from doing your best
• Wellness initiatives to ensure both health and mental well-being of our team
• Ongoing education and development opportunities via our program and employee-led diversity equity and inclusion initiatives.
• Growing corporate social responsibility program that is driven by the involvement and passion of our team members
• Beautiful convenient and state-of-the-art offices in Chicagos Loop and downtown Seattle for those who prefer an office setting

Whenever possible Sprout wants to provide our team with the flexibility to work in the location that makes the most sense for them. Sprout maintains a remote workforce in many places in the United States. However we are not set up in all states so please look at the drop-down box in our application to see whether your state is listed. Few roles require an office setting. If your position requires a physical presence in a Sprout office it will be evident in the job listing and your offer letter.

Individual base pay is based on various factors including work location relevant experience and skills the responsibility of the role and job duties/requirements. In the United States we have two geographic pay zones. For this role our current base pay ranges for new hires are:

• Zone 1 (New York California Washington): $86240 (min) $107800 (mid) $129360 (max) USD annually
• Zone 2 (All other US states): $78400 (min) $98000 (mid) $117600 (max) USD annually

The listed ranges represent the full earning potential in this position. Starting salaries for well-qualified new hires are typically around the midpoint of the range. These ranges were determined by a market-based compensation approach; we used data from trusted third-party compensation sources to set equitable consistent and competitive ranges. We also evaluate compensation bi-annually identify any changes in the market and make adjustments to our ranges and existing employee compensation as needed.

Base pay is only one element of an employees total compensation at Sprout. Every Sprout team member has an opportunity to receive restricted stock units (RSUs) under Sprouts equity plan. Employees (and their dependents) are covered by medical dental vision basic life accidental death and dismemberment insurance and Modern Health (a wellness benefit). Employees are able to enroll in Sprouts companys 401k plan in which Sprout will match 50% of your contributions up to 6% with a maximum contribution. Sprout offers Flexible Paid Time Off and ten paid holidays. We have outlined the various components to an employees full compensation package here to help you to understand our total rewards package.

Sprout Social is proud to be an Equal Opportunity Employer. We do not discriminate based on identity- race color religion national origin or ancestry sex (including sexual identity) age physical or mental disability pregnancy veteran or military status unfavorable discharge from military service genetic information sexual orientation marital status order of protection status citizenship status arrest record or expunged or sealed convictions or any other legally recognized protected basis under federal state or local law. Because Sprout Social is a federal contractor we affirmatively recruit individuals with a disability and protected veterans. Learn more about our commitment to diversity equity and inclusion in our latest DEI Report.

If you require a reasonable accommodation for any part of the interview process or to submit your application please email us at Include the nature of your request and your preferred contact information. Well do everything we can to support your success during our recruitment process while upholding your privacy. Please note that only inquiries regarding accommodations will receive a response from this email address; other inquiries will not be addressed (e.g. you send your resume but are not requesting an accommodation).

For more information about our commitment to equal employment opportunity please click here (1) Equal Opportunity Employment Poster and (2) Sprout Socials Affirmative Action Statement.

Additionally Sprout Social participates in the E-Verify program in certain locations as required by law.

#LI-REMOTE