Threat Stack enables DevOps and SecOps teams to innovate and scale security by providing full-stack security observability from the control plane up to the application layer. Purpose-built for today’s infrastructure, the Threat Stack Cloud Security Platform® and Cloud SecOps Program℠ combine cloud-optimized intrusion defense, continuous security monitoring, and proactive risk assessment to help security and operations teams detect security incidents, achieve compliance, and secure infrastructure in transition.

We are defining the way Cloud Security is done. We are the only cloud-native continuous monitoring solution that gives users instant visibility into their environment, protecting them in real time from insider threats, external attacks, and data loss. Optimized for cloud deployment, our solution allows growth-driven companies to scale confidently without sacrificing speed or efficiency.

Threat Stack is looking for self-driven technical analysts to join our virtual security operations center that uses this platform to detect/respond to live customer security incidents. At Threat Stack, being a Security Analyst means you’ll have the opportunity to perform hunting/operational risk analysis and develop insights across our entire customer base - not just one organization. The work you do will help security teams both internally at Threat Stack and at our customers through our Cloud SecOps Program.

We operate multiple shifts around the clock and are looking to fill positions across them. This opening is for a role with a rotating schedule, including some nights and weekends.

A normal day for you on this team would include:

• Triaging, investigating, and escalating alerts as they occur in customer environments. All analysts review all alerts types - we don’t want to silo you!
• Working with customers to understand security alerts and how to properly remediate the issue.
• Using multiple sources of data including the Threat Stack application, external data feeds, threat intelligence, etc. to inform your analysis.
• Sitting and working with our internal security and critical incident response teams to share knowledge, training, and best practices.
• Working with our internal product and engineering teams to provide product feedback.
• Receiving internal and third party provided training on the technologies you’re monitoring, incident response, and other technical security topics.

Common technical skills on this team:

• Candidates will generally have some (but not all) of the skills below. Our team collaborates together to “level-up” each other’s skills and we provide employees with a dedicated training budget because diversity of knowledge and skills only makes the whole team stronger!
• Regular experience using or administering a Linux or Windows system, ranging from hobby to operational and IT backgrounds.
• You understand how software is built, either because you’re a programmer or recent computer science graduate.
• You’ve used data ingestion and analysis tools before, are comfortable scripting in python or other languages, and enjoy sifting through data for needles.