What are the responsibilities and job description for the Security Engineer, Security Operations Center position at Poshmark?
Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, pets, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of ecommerce, Poshmark makes buying and selling simple, social, and sustainable.
The Security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 80 million Community members. As a Security Engineer in the Security Operations Center, you will collaborate with other security and engineering teams to detect, investigate, and respond to security incidents while improving visibility across Poshmark environments.
Responsibilities
- Monitor and analyze security event logs/alerts to identify security incidents
- Lead security incident investigation, containment, eradication, and recovery
- Uncover root causes of sophisticated security incidents and targeted attacks that span systems, network, and code
- Improve our detection and incident response capabilities through automation
- Create playbooks for standard events to simplify investigations
- Fine-tune alerts to reduce false positives and automate responses to alerts
- Collaborate with SRE and other security teams to remediate issues
- Manage the SIEM: add and improve alerts and other capabilities
- Implement security monitoring solutions across Poshmark environments
- Hunt for threats to find malicious activity that existing alerts miss
- Use IOCs and other threat intelligence to enrich event data
- Work on other SOC-related projects
Minimum Qualifications
- 1-2 years of experience in an information security role.
- Experience with security tools and technologies, such as SIEMs, firewalls, intrusion detection systems, and vulnerability scanners.
- Experience with incident response and remediation.
- Experience with cloud security.
Preferred Qualifications
- Experience with Incident Response, Malware Analysis, Threat Hunting
- Experience in SRE or DevOps/SecDevOps
- GCIA or other relevant certifications
- Experience in scripting (Python, Bash) is a plus
6-Month Accomplishments
- Continuously perform security incident investigation, containment, eradication, and recovery. This includes identifying and triaging security incidents, containing them before they spread, eradicating the malware or other malicious code and any attacker access it established, and recovering the affected systems.
- Stay up to date on the current IT threat landscape and emerging trends in security. This involves reading security blogs and articles, attending security conferences, and subscribing to security mailing lists. You should also use security tools and services that provide threat intelligence.
- Write new high-fidelity detections and incident response playbooks. This includes writing new rules and playbooks for the organization's security tools to help detect and respond to security incidents. You should have a deep understanding of the organization's security infrastructure and be familiar with the latest security threats and attack vectors.
12-Month Accomplishments
- Reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automation.
- Improve the security operations posture by continuously refining existing detections, writing new high-fidelity detections, and keeping incident response playbooks up to date.
- Deliver projects that shore up the security operations posture.