Senior Security Analyst (fmd)

About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Senior Security Analyst with experience performing analysis and incident management of information security events as well as experience contributing directly to the growth of and design of a security program. As a Senior Security Analyst you will have daily alert investigation and incident response responsibilities but you will be empowered to proactively drive change to shape and support the growth of our Security program.

Candidates should have experience triaging new and unfamiliar alerts leading technical workstreams in incidents or leading all aspects of medium scale incidents. They should have experience creating and maintaining high quality threat detection and demonstrate knowledge and understanding of common Information Security principles and frameworks coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently work as a part of a global dispersed team and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect

• Perform daily alert investigation and response in a hybrid environment.
• Conduct detail-oriented analysis across challenging and complex ecosystems.
• Communicate investigation and threat updates to technical and non technical senior leaders.
• Work collaboratively across internal functions to identify respond and remediate security issues.
• Investigate and lead incidents of medium size and complexity.
• Investigate vulnerability exploitation and support remediation inline with vulnerability programs.
• Collaborate with the team and actively assist in major response exercises.
• Drive continuous improvement across all aspects of threat detection and response.
• Create processes documentation and runbooks to support a rapidly growing team.
• Identify systemic issues and collaborate on approaches to address root causes.
• Collaborate on threat models by incorporating detection use cases into designs.
• Identify and lead efforts to improve efficiency response detection and preventative measures.
• Design and build detection logic across multiple platforms (e.g. SIEM EDR etc.)
• Play an active role in scaling Operation practices by contributing to team roadmaps.
• Provide delightful and informative interactions with all end users.
• Proactively identify opportunities for user training and awareness programs.
• Provide insights and input on tool selection to help grow our cybersecurity portfolio.

What you need to be successful

• 5 years of Security Operations experience including alert triage and investigation
• 2 detection and tuning experience inclusive of Security Operations experience
• 2 years of Security Incident Response experience
• Ability to support on call and occasional off-hours incident response efforts
• Proficiency in analysis fundamentals (e.g. log analysis live response forensics etc.)
• Mastery of investigation methods and adept at handling new and unfamiliar cases.
• Firm understanding of attacker Tactics Techniques and Procedures
• Proficiency in attacker techniques in cloud-native and traditional environments.
• Strong technology fundamentals (e.g. OSI Model TCP/IP Layer 7 protocols etc.)
• Ability to perform detailed host analysis on Mac Windows & Linux systems.
• Hands-on experience using security technologies (e.g. SIEM EDR AntiVirus etc.)
• Hands-on experience with malware analysis using dynamic and static analysis tools.
• Expertise in AWS audit and security services to investigate cloud centric threats
• Proficiency investigating incidents across SaaS platforms and identity systems
• Experience performing investigations in cloud service providers (e.g. AWS GCP Azure etc.)
• Practical experience with cross-platform and hybrid environment investigations
• Ability to interpret designs and enumerate actionable detection use cases
• Familiarity with modern engineering and detection engineering practices
• Practical mindset to balance business needs with security requirements.
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Comfortable working with a geographically dispersed team.
• Experience working independently and as part of a team
• Ability to work in a fast-paced environment often juggling multiple tasks alerts and incidents
• Passion for solving complex security problems in innovative and scalable ways

Whats in it for you

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Fertility and family building benefits including a lifetime reimbursable wallet to support your growing family.
• We valueWork-Life balanceandYou Time!A generous amount of paid time off including vacation days sick days education days compassion days for loss and volunteer days
• Time off to care for and focus on your growing family
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events including workshops guest speakers and fun team activities supporting learning and networking exchange beyond the usual work duties
• An annual wellbeing stipend to care for your physical financial or emotional health
• A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

#LI-KH1 #LI-Hybrid

Who are we

Contentful is a leading digital experience platform that helps modern businesses meet the growing demand for engaging personalized content at scale. By blending composability with native AI capabilities Contentful enables dynamic personalization automated content delivery and real-time experimentation powering next-generation digital experiences across brands regions and channels for more than 4200 organizations worldwide. More than 700 people from more than 70 nations contribute their energy and creativity to Contentful working from hubs in Berlin Denver San Francisco London New York and distributed worldwide.

Everyone is welcome here!

Everyone is welcome here is a celebrated component of our culture. At Contentful we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences and we are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race color national origin religion sexual orientation gender gender identity age physical disability or length of time spent unemployed. We invite you to apply and join us!

If you need reasonable accommodations at any point during the application or interview process please let your recruiting coordinator know.

Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites fake email addresses claiming to be from our company or social media. We do not ask for your personal information such as bank account numbers identification numbers etc through social media or chat-based apps nor do we request or send money for the purchase of business equipment. If you suspect fraud please report it to your local authorities as well as reach out to us at with any information you may have.

By clicking Apply for this job I acknowledge that I have read the Contentfuls Candidate Privacy Notice and hereby consent to the collection processing use and storage of my personal information as described therein.