About GitHub
As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 330+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.
Locations
In this role you can work from Remote, United Kingdom
Overview
Are you interested in securing the home for all developers? GitHub is changing the way the world builds software, and we want you to help change the way we secure GitHub. We are looking for Security Engineers to evolve and advance the security posture of GitHub and its ecosystem.
Threat Detection and Response is a core function of Security Operations at GitHub. To effectively protect our people, our customers, and our business, we are looking for people who can effectively identify and respond to threats across our platform and supporting systems.
The TDR team is made up of analysts and engineers with varied skill sets, able to perform security analysis, threat hunting, incident response, and tooling development at high levels.
As a Security Analyst, you will work alongside other members of Security, IT, and Engineering organizations to help drive technical direction for all things security. You will operate within a team who are driven to develop GitHub’s threat detection capabilities, and you will assist in identifying and prioritizing detection efforts within our environment. Through industry research as well as collaborative Purple Team exercises, you will look to foster an innovative and collaborative environment for bettering GitHub’s security posture. A successful applicant will have a desire to work in tandem with other security professionals to secure GitHubbers and GitHub systems in diverse environments at scale.
Responsibilities
* Partnering with other security teams to identify, investigate, and mitigate threats
* Communicating persuasively with peers to inspire cooperation
* Supporting teammates to ensure the timely delivery of key objectives
* Developing, maturing and documenting security policy and processes
* Participating in an on-call rotation
* Collaborating on purple and red team exercises
* Keep up with industry trends to ensure an understanding of offensive techniques, as well as corresponding detection points
* Continuously evaluating GitHub’s detection suite and identifying visibility gaps
* This role will require working non-standard working hours, including weekends and holidays approximately 1-2 times per month.
Qualifications
Required/Minimum Qualifications
* A few years experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR Associate's Degree AND a few years experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR Bachelor's Degree AND experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR equivalent experience.
Additional or Preferred Qualifications
* Many years experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR Associate's Degree AND a few years experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR Bachelor's Degree AND some experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR Master's Degree AND experience in security analysis, security research, cyber security, security engineering, or relevant area
o OR equivalent experience.
* Some experience with software development.
* Experience working with GitHub and/or open source software.
* Experience and/or expertise with Microsoft Azure, Amazon Web Services or a similar cloud provider
* Demonstrated experience with offensive security techniques, for example through research or capture the flag activities
* Familiarity with data correlation and modern threat detection techniques
* Knowledge and understanding of security controls across all security domains
GitHub values
* Customer-obsessed
* Ship to learn
* Growth mindset
* Own the outcome
* Better together
* Diverse and inclusive
Manager fundamentals
* Model
* Coach
* Care
Leadership principles
* Create clarity
* Generate energy
* Deliver success
#J-18808-Ljbffr