Cyber Security Monitoring and Response Senior Engineer

Coupang – SEATTLE, WA, United States - Published On 3/6/19

Description

Coupang is one of the largest and fastest growing e-commerce platforms on the planet. Our mission is to create a world in which Customers ask “How did I ever live without Coupang?” We are looking for passionate builders to help us get there. Powered by world-class technology and operations, we have set out to transform the end-to-end Customer experience -- from revolutionizing last-mile delivery to rethinking how Customers search and discover on a truly mobile-first platform. We have been named one of the “50 Smartest Companies in the World” by MIT Technology Review and “30 Global Game Changers” by Forbes.

Coupang is a global company with offices in Beijing, Los Angeles, Seattle, Seoul, Shanghai, and Silicon Valley.

Overview

Coupang is seeking cyber CSIRT Engineers for our Seattle office to be part of our special forces within the BlueTeam. You must have a calm and collected manner in high-pressure, time-sensitive situations, think like both an attacker and a defender, and work with relevant teams to take the right and timely actions to analyze, respond to and neutralize attacks.

The BlueTeam is responsible for the detection of and response to credible threats. We work hands-on developing detective capabilities, identifying mitigations to vulnerabilities and responding to potential threats to Coupang systems. BlueTeam CSIRT Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis.

The Senior Engineering position requires experienced CSIRT personnel with expert working knowledge of IR, investigation and hunt techniques, who can root-cause security flaws and vulnerabilities, quickly assess potential cyber threats, and educate other members of the broader team. Security Engineers are also expected to develop practical solutions to complex problems and apply appropriate technologies while following security engineering best practices.

Responsibilities

● Defend systems against unauthorized access, modification and/or destruction
● Identify abnormalities and report violations
● Respond immediately to security incidents and provide post-incident analysis
● Conduct data breach and security incident investigations
● Liaise with other cyber threat analysis entities
● Design and conduct security audits to ensure operational security
● Perform network and host vulnerability assessment and risk analysis
● Research and recommend security controls
● Provide technical advice to colleagues across different business units

Basic Qualifications

• 5+ years of experience in information security with at least 3+ years in incident response or SOC Analyst Lead (L3) capacity
• Host based security investigation (Windows, Linux, Network/Security appliances)
• Network traffic/packet analysis and forensics
• Operating SIEM and CTI (Cyber Threat Intelligence) Solutions and developing use cases
• Operating IPS/IDS, network monitoring solutions, NetFlow collectors and analyzers
• Operating EDR (Endpoint Detection and Response) systems and tools such as CarbonBlack, CrowdStrike, EnCase-EDR, FTK, Volatility memory forensics, etc.
• Knowledge of application security such as web applications, mobile app traffic, etc.
• BS degree or equivalent practical experience
• Self-motivated
• Ability to work independently in a satellite / remote office where team support is dispersed globally and HQ is in Korea.
• Ability to be flexible and work during non-business hours (to support a global team in different time zones)

Preferred

• Languages:
o Primary work language for all offices is English (Korean a bonus)
• Certified in one or more of the following: CISSP, CISA, CCNA, CISM, SANS GIAC
• Knowledge of Cloud service practices and principles (e.g., AWS, Azure)
• Development experience in Web Services (HTTP, HTML, AWS, REST, SOAP, Atom)
• Development experience in automation and scripting (Linux shell, Python, Perl, PowerShell)
• Experience in developing with log search (ELK, Splunk) and TSDB (time series DB)
• Knowledge of DevOps and Agile practices and principles
• Working knowledge of the current cyber threat landscape
• Understanding of major threats and threat actors and their relevance to the eCommerce industry

Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or gender (including pregnancy, gender identity, gender expression, sexual orientation, transgender status), national origin, age, disability, medical condition, HIV/AIDS or Hepatitis C status, marital status, military or veteran status, use of a trained dog guide or service animal, political activities, affiliations, citizenship, or any other characteristic or class protected by the laws or regulations in the locations where we operate.

How to Apply

Please contact sunita@coupang.com directly.

This document was retrieved from http://www.rsaconference.com/jobs/view/1350 on Sat, 23 Mar 2019 19:32:08 -0400.