Security Analyst
Renting a home is the world's oldest subscription service. People spend thousands of dollars every month for an experience that is outdated, inconvenient, analog, impersonal, and leaves a lot to be desired. Latch is working to make every building better, and while we've methodically executed this mission since our founding with great success, we're just getting started.
Leveraging our knowledge from companies like Apple, BCG, and IDEO, we’ve rethought how people interact with space. Latch delivers a full-building operating system designed to help owners, residents, and third parties like guests, couriers, and service providers, seamlessly experience the modern building. We’ve done this by combining software, devices, and services into a holistic platform that makes spaces more efficient, enjoyable, and profitable.
The next chapter of the Latch story will be our most exciting yet, and we’re looking for more talented team members to help fuel our growth.
The Security Operations Analyst receives, prioritizes, delegates, or responds to operational security requests. Additionally the Security Operations Analyst develops and maintains workflows, processes, and automations for common organizational security needs. The ideal candidate has administrative experience with Google Workspaces, the Atlassian suite of tools, and experience with cloud service providers and software-defined networking.
Responsibilities:
- Monitors and responds to incoming operational security requests.
- Triages and assigns incoming security remediation tasks.
- Performs operational changes to firewalls, security groups, endpoint security controls, IAM policies, and security configurations.
- Works with IT to investigate, mitigate, and remediate endpoint security issues and compromises.
- Performs and responds to records retention requests or retention orders by archiving and maintaining required digital evidence and documents.
- Approves or rejects change requests based on established SOPs and policies, elevating exceptions for policy improvements.
- Monitors and maintains security scan tools such as vulnerability scanners and configuration monitoring tools.
- Maintains, monitors, and responds to spam and phishing email alerts by monitoring alert queues and modifying rules and settings as necessary, as well as performing remediation of false positives.
- Updates and maintains security runbooks, SOPs, procedures, and other documentation related to security operations.
Qualifications:
- 1 to 3 years experience in a technical role in support of detecting and responding to security and availability risk events
- Experience with Python, Javascript, or similar scripting languages - Experience with the following is preferable:
- Amazon Web Services security logs and monitoring (CloudWatch, CloudTrail, GuardDuty)
- Security Information and Event Management (SIEM)
- JIRA
- Sumo Logic
- Understand and interpret logs from several sources including firewalls, host-based security, IDS, and other networked devices
- Strong knowledge of security incident and response operation procedures - Highly organized with the use of Slack, Zoom, GSuite, Jira, Gitlab, Bitbucket, Okta, PagerDuty and Qualys
Nice to have:
- SOC or CSIRT experience
- AWS Security Specialty certification
- Experience in Cloud-first IT Administration
- Experience with Qualys
Founded in 2014, Latch now has 400+ team members working to make spaces better places to live, work, and visit.
We offer unlimited Paid Time Off, a comprehensive benefits package, mental health support, and an environment where employees are surrounded by creative, empowered, and dynamic peers.
In conjunction with our core values: Contagious Determination, Humility, Trust, Inclusion, Action with Intent, and Privacy, we approach our work with care and a sense of duty, to make the world a better space.
We embrace diversity and strive to create an inclusive and equitable environment for all.
Latch has over 100 employees and is subject to OSHA guidelines that require all employees be vaccinated against COVID-19.
Applicant Privacy Notice