6 days ago
SOC Analyst II
Hyderabad, India
full-time, mid, Hybrid, Cloud Computing
Description
You will perform real-time monitoring of security events and investigate fraudulent activities across DigitalOcean's environment. You'll leverage security technologies like SIEM and EDR to detect and respond to threats, while conducting proactive hunts to eliminate security risks. You'll also work on reducing false positives and establishing strong relationships with technical teams.
Requirements
- Bachelor's degree or equivalent experience, with 1 or more years of experience in security operations
- Knowledge of Security Information Event Management (SIEM)
- Knowledge of the Security Operation Center (SOC)
- Understanding of TCP/IP concepts, application protocols and knowledge of database structures and working with Unix/Linux
- Intellectual curiosity and self-motivation to perform complex tasks
- Clear written and verbal communication skills, including technical writing and presenting
- Consistently improving security as the platform scales, driving continuous improvement through data collection and correlation, being mindful that security should be an efficiency enabler for the business, not a detractor
Responsibilities
- Performing real-time monitoring of security events and of fraudulent and abusive activities across DigitalOcean’s environment
- Investigate, identify and prevent or mitigate abusive activities such as intrusion attempts, DDoS, malware distribution, phishing attacks, etc.
- Leverage industry standard security technologies such as SIEM, EDR and other monitoring tools to detect, investigate and respond to security alerts
- Conduct proactive hunts to detect and eliminate security threats
- Locating trends in abuse/threat vectors, communicating with leadership to apprise them of the extent, and advocating for appropriate product changes to prevent future occurrences
- Work within a ticket management system with specific daily operational level targets completed with a quality resolution
- Vetting abuse claims, responding to reporters and helping customers get back on the platform
- Engineering approaches to gathering security data, turning it into useful insights, and working with tech teams to resolve threats
- Responsible for the process to reduce false positives while still stopping bad actors
- Escalating security incidents to Senior Analyst or DFIR teams as needed for deeper analysis and remediation
- Establishing an understanding of DigitalOcean’s entire production environment, from applications to infrastructure, keeping up-to-date with material changes and future directions
- Building strong relationships with the other technical teams across our engineering and infrastructure functions