Peloton is looking for a Cybersecurity/Insider Threat Analyst with a diverse set of skills that can thrive in a challenging and rewarding environment. The successful candidate will work across the organization to drive, plan and carry out security measures to protect our cloud environments, networks, systems, and any technology assets. The Analyst will also perform assessments, develop and implement information security policies, procedures, and guidelines. This position involves understanding and working with a broad spectrum of security principles, architectures, and technologies. It is imperative the candidate not only have the technical prerequisites, but also has the ability to operate at a strategic level. The right candidate should be high energy, with a focus on results, as well as self motivated.
- Minimum 3 years in Information Security
- Elite investigative skills, we’re talking “World’s Greatest Detective Batman” not Zach Snyder Batman.
- Strong knowledge of Information Security design, risk assessments, principles, and processes; Experience in writing and maintaining information security policies, standards, and guidelines;
- Experience in vulnerability management (Rapid7, Tenable, Qualys);
- Experience with Insider Threat tooling (UEBA, DLP, Canary Tokens, Deception Technology)
- Experience with Splunk, reports and data correlation. Bonus for in-depth knowledge of Splunk’s underpinnings.
- Experience in incident response required; In-depth knowledge of Cloud Environments (AWS, GCP), MacOS, ChromeOS, Windows, and Linux operating system forensics, SaaS platforms, and IAM)
- Experience automating with Python, BASH, or other scripting languages
- Excellent written and verbal communication skills
- Excellent analytical and problem solving skills
- Bonus Points for:
- Previous experience in cloud-native or tech environments.
- Experience with OSINT, as well as Threat Intelligence services for investigations
- Develop and implement information security policies and procedures; develop security guidelines and security best practices for Peloton, and maintain the documentation.
- Directly support Peloton’s Security Program while conducting in-depth strategic analysis of intelligence data from various sources.
- Recommend and build countermeasures based on threat analysis, intelligence, and forecasting
- Provide triage support for incident response and investigation efforts alongside Peloton’s Security Operations team, and other internal teams
- Work with Security Engineering, Security Operations Center to build out new detections, event types, and baseline user behaviors
- Collect and analyze auditing capabilities of internal services, Saas systems, determine gaps in audit trails, and work with internal engineering teams/Saas providers in improving audit data
- Prepare and present analysis with findings and recommendations, in the form of briefings, reports, or dashboards to senior leadership, managers, and leads as required.
Founded in 2012, Peloton is a global interactive fitness platform that brings the energy and benefits of studio-style workouts to the convenience and comfort of home. We use technology and design to bring our Members immersive content through the Peloton Bike, the Peloton Tread, and Peloton Digital, which provide comprehensive, socially-connected fitness offerings anytime, anywhere. We believe in taking risks and challenging the status quo by continuously innovating and improving. Our team is made up of passionate brand ambassadors, and we know that together, we go far.
Headquartered in New York City, with offices, warehouses and retail showrooms in the US, UK and Canada, Peloton is changing the way people get fit. Peloton has been named to many prestigious industry lists, including Fast Company's Most Innovative Companies, CNBC's Disruptor 50, Crain's New York Business' Tech25 and Fast50, as well as TIME's Genius Companies. Visit www.onepeloton.com/careers to learn more about joining our team.