Information Security Analyst at Stack Overflow
Stack Overflow is growing fast, and our technology needs just keep getting bigger. We’re looking for an Information Security Analyst (ISA) to join our existing team and help us grow our Infosec program. As an ISA, you’ll bring a business and customer mindset to secure the company with automation and repeatable processes that partners with our lines of business and customers.
We’re looking for someone with experience in applying security controls and implementing a variety of security tools to help us manage risk.
You will become knowledgeable on our products and collaborate on security requirements and controls with our product teams and answer security-related questions from our customers. We don’t expect you to know every other part of our stack coming in, so we’ll pair you with other members of the team to learn and develop your skills across our entire organization and product lines.
What you’ll work on:
- Work closely with SRE and IT teams providing guidance on secure server, network, and client system builds
- Contribute to our continuous improvement of incident response
- Contribute to our continuous improvement of vulnerability management
- Automate security operations whenever possible
- Work with Legal and Sales teams on customer security requirements in products and services
- Document our ever-evolving systems and procedures
- ISO 27001 Annex A controls
Our ecosystem includes:
- Google Cloud Platform
- Azure Sentinel (SIEM)
- Rapid7 Nexpose
- Microsoft Intune
- Cisco and Meraki
- Linux Centos (RedHat Enterprise Linux RHEL)
- Mac and PC laptops
- GitHub Enterprise
We’re looking for:
- 3+ years experience working in a technical, hands-on information security role.
- One or more current security related certifications (e.g., CISSP, CISA, SANS, GIAC, etc)
- 3+ years of Azure cloud platform experience or equivalent (i.e AWS, Azure, etc.)
- Python experience (always looking to automate manual tasks)
- Strong written communication skills and a strong inclination to “document as you go”
- Familiarity with: Servers, Networking, DNS, SIEM, IDS, vulnerability management tools, and a variety of OS’s
We like to see:
- Experience working both on a team and on independent projects
- Great communication and people skills
- Self-motivated and proactive
Also note: If this job interests you but you aren’t certain if you meet all of the requirements, apply anyway!Work Environment
We’re a remote-friendly team. Whether you work remotely or work out of our New York office (re-opening June 2021 at the earliest due to COVID-19), you’ll be part of a remote work culture that emphasizes online communication (Slack, GitHub, Hangouts, Zoom, Stack Overflow for Teams). While we’re generally very flexible on working hours, living and working within GMT-7:00 to GMT+2:00 time zones (US through Europe) is required for scheduling and interaction with your team. We also believe in strong work-life balance and are focused on making sure you have a positive work experience, in-office or remotely.
What you’ll get in return:
- Flexible hours
- 20 days paid vacation + holidays
- Completely free health insurance - no copay, no premiums (US residents)
- Generous parental leave (12-16 weeks at 100% pay), family care leave, and unlimited sick days
- Employees will never be poked with a sharp stick
Stack Overflow is the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. More than 50 million professional and aspiring programmers visit Stack Overflow each month to help solve coding problems, develop new skills, and find job opportunities.
We partner with businesses to help them understand, hire, engage, and enable the world's developers. Our products and services are focused on developer marketing, technical recruiting, market research, and enterprise knowledge sharing.
We believe in hiring smart people and getting out of their way. We have an office in New York with some of the best amenities of any New York startup, and we have people who work remotely all over the world. We keep meetings and ceremonies to an absolute minimum.
Employment is conditioned upon successful completion of a background check and upon having the appropriate legal right to work.
Diverse teams build better products.
Legally, we need you to know this:
Stack Overflow does not discriminate in employment matters on the basis of race, color, religion, gender, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity.
But we want to add this:
We strongly believe that diversity of experience contributes to a broader collective perspective that will consistently lead to a better company and better products. We are working hard to increase the diversity of our team wherever we can and we actively encourage everyone to consider becoming a part of it.