Offensive Security Engineer at Klaviyo
Klaviyo is searching for our next Security Operations team member. This position is a unique opportunity to develop tools and techniques for offensive and defensive security to protect our customers, company, and data. This position will require you to use your technical expertise to study the Klaviyo cyber footprint, find potential risks, verify them, and work with engineering teams to remediate them. This is not a role for someone who only uses vulnerability scanners; they are one class among the many tools you use to find the security strings to pull on to find risk or verify security protections. You will also respond to security alerts, triage, and build automations around response.
The ideal candidate will be an offensive cyber security professional first: the desire to break applications and gain access to restricted data and computing resources is a driving force in everything you do. You will also have a sense of responsibility to protect the company by working with security alerts and working on security tickets as an analyst. You will have a proven track record of compromising AWS resources, an understanding of AWS technologies used to secure environments, and an understanding of the weaknesses these technologies introduce to an environment. You will need to have experience with Security Operations Tooling (SIEM, EDR, AWS Logging Data, AWS security settings). You will possess the communication skills to convey vulnerabilities to engineers, technical leadership, and management with clearly stated facts, and a natural ability to document your work concisely for review by peers.
How you’ll make a difference:
- Partner with Engineering, Product, IT, and other business functions to drive security improvement across the organization
- Research emerging attack vectors, vulnerabilities and techniques
- Utilize your offensive skills to build defenses against those who may point their attacks at Klaviyo
- Emulate adversaries by attacking user endpoints, cloud platforms, cloud systems, etc.
- Collaborate closely with detection engineers to build high fidelity alerting based on emerging attack vectors and tactics, techniques and procedures
- Actively participate in purple-team exercises to mature the security program
- Triage and respond to incoming security alerts related to corporate and production systems.
- 3+ years of experience in multiple offensive security engineering disciplines (red teaming, penetration testing, fuzz testing, etc.).
- Previous SOC analyst responsible for responding to security events.
- Experience using open source and commercial scanners / exploit tools such as Burp / Nessus / OWASP ZAP as reconnaissance tools.
- Use of open source reconnaissance data sources such as Shodan, DNSdumpster, and Have I Been Pwned.
Detection, Response, Remediation
- Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries for actioning on identified security risks.
- Experience monitoring and triaging inbound security alerts within a ticketing system such as Jira, determining risk, and working with owners to mitigate risk and detect future exploitation attempts (level 2-3 security analyst).
- Demonstrated application of cyber threat intelligence, open source or commercial.
- Ability to analyze new risks using tools such as Hybrid Analysis and VirusTotal.
- Independently capable of researching network-based threats using standard tooling available on Linux systems.
- Experience with VPC / EC2 / Security Groups / ACLs / IAM.
- Experience working with and attacking / testing AWS deployed resources.
- Understanding of cloud security best practices and standards such as CIS and PCI
Development / Scripting
- Substantial scripting or developing in Python during the past 2 years.
- Experience developing red team tools or exploits.
- Experience automating exploit testing and repetitive tasks.
Networking / Communications
- Understanding of Networking - Routing / DNS / IP Networks / Major Protocols.
- Ability to build applications / tools that provide and/or use APIs to transfer data.
Get to know Klaviyo
Klaviyo is a world-leading marketing automation platform dedicated to accelerating revenue and customer connection for online businesses. Klaviyo makes it easy to store, access, analyze and use transactional and behavioral data to power highly-targeted customer and prospect communications. The company's hybrid customer-data and marketing-platform model allows companies to grow by fostering direct relationships with customers, without giving up their valuable data to popular big-tech ad platforms. Over 265,000 innovative companies like Unilever, Custom Ink, Living Proof and Huckberry sell more with Klaviyo. Learn more at www.klaviyo.com.
Klaviyo does not tolerate and prohibits discrimination, harassment or retaliation of or against job applicants, contractors, interns, volunteers or employees by another employee, supervisor, vendor, customer or any third party.