Paranoids Forensic and Incident Response Operations (FIRE) Analyst
Yahoo
Yahoo is a global media and tech company connecting people to their passions. We reach almost a billion people worldwide, bringing them closer to what they love.
About our team:
When you impact millions of people every day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet.
We are the information security team at Yahoo, known as "The Paranoids". As part of the Paranoids Forensics and Incident Response Operations Team (FIRE), we protect Yahoo and its users from dedicated adversaries, working on the front lines monitoring for, hunting for, and responding to threats, ensuring that our users and company are kept safe.
You are a highly motivated security analyst who is available to work between 10.30-19.00 GMT Monday through Friday, and will use Yahoo internal tools and other systems to detect and respond to security events. You are interested in protecting sensitive corporate and user data from unauthorized access at Internet scale and applying advanced technical, behavioral, and investigative solutions to find evil, ensuring that Yahoo data remains secure.
During your time here we will:
* Give you the opportunity to take ownership of key processes supporting the mission of finding evil
* Enable you to stop advanced attackers and protect our users
* Provide you with a positive work-life balance
* Encourage you to follow the investigation through till the end
* Challenge you to push the bounds of our security program and your own talents
Responsibilities
* Monitor and analyze security events from networks, applications, hosts, and databases
* Perform proactive research and identification of security anomalies
* Work with the team to develop and deliver table-top exercises
* Participate in regular threat hunting exercises
* Assess security incidents and assist Yahoo business units to remediate issues
* Work with a variety of security technologies including IDS, firewalls, EDR, etc.
* Contribute to the overall security posture of Yahoo
* Work to tune signatures and develop new use cases for finding badness
* Evaluate new log sources for security detection value and develop potential use cases
* Continue to focus on process improvement including developing playbooks
* Work on special projects as needed
* Participate in a 24x7 on-call rotation
Requirements
* Background in security fundamentals including network and host forensics, log analysis, and basic malware triage
* A passion for the field of information security and incident response
* Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and attack patterns
* Functional experience with Windows, Mac, and Linux systems and services
* An ability to work independently and communicate via technology
* Excellent written and verbal communication skills along with the ability to communicate complex, technical information to both technical and non-technical audiences
Desired
* Experience with DataBricks or Event Monitoring (SIEM) solutions
* Experience in shell scripting, Python, or similar tool and automation languages