Paranoids Forensic and Incident Response Operations (FIRE) Analyst

7 Minutes ago • 5 Years + • $111,000 PA - $231,250 PA
Cyber Security

Job Description

The Paranoids Forensic and Incident Response Operations (FIRE) Analyst protects Yahoo and its users from adversaries by monitoring, hunting, and responding to threats. This role involves detecting and responding to security events using internal tools, protecting sensitive corporate and user data, and applying advanced technical, behavioral, and investigative solutions to identify malicious activity. The analyst will work a night shift (8PM-6AM EST Monday-Thursday) and contribute to Yahoo's overall security posture.
Good To Have:
  • Experience with Databricks or Event Monitoring (SIEM) solutions.
  • Experience in shell scripting, Python, or similar tool and automation languages.
Must Have:
  • Monitor and analyze security events.
  • Perform proactive research and identify security anomalies.
  • Develop and deliver table-top exercises.
  • Participate in threat hunting exercises.
  • Assess security incidents and assist in remediation.
  • Work with security technologies (IDS, firewalls, EDR).
  • Tune signatures and develop new use cases for detection.
  • Evaluate new log sources for security detection value.
  • Develop playbooks for process improvement.
  • Participate in a 24x7 on call rotation.
  • Minimum 5+ years experience as SOC/IR Analyst.
  • In-depth experience with Mac and Linux systems.
  • Strong background in network and host forensics.
  • Strong background in log analysis and malware triage.
  • Knowledge and experience to be a shift lead.
  • Understanding of common network services.
  • Understanding of network vulnerabilities and attack patterns.
  • Ability to work independently and communicate via technology.
Perks:
  • Flexible hybrid work options
  • Positive work-life balance
  • Comprehensive healthcare benefits
  • 401k
  • Backup childcare
  • Education stipends

About Our Team

When you impact millions of people every day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet. We are the information security team at Yahoo, known as "The Paranoids". As part of the Paranoids Forensics and Incident Response Operations Team (FIRE), we protect Yahoo and its users from dedicated adversaries. Working on the front lines monitoring for, hunting for, and responding to threats, we ensure that our users and company are kept safe.

About You

You are an experienced security analyst who is available to work between 8PM-6AM EST Monday through Thursday, and will use Yahoo internal tools and other systems to detect and respond to security events. You are interested in protecting sensitive corporate and user data from unauthorized access at Internet scale and applying advanced technical, behavioral, and investigative solutions to find suspicious and malicious activity, ensuring that Yahoo data remains secure.

During your time here we will:

  • Give you the opportunity to take ownership of key processes supporting the mission of finding suspicious and malicious activity
  • Enable you to stop advanced attackers and protect our users
  • Provide you with a positive work-life balance
  • Encourage you to follow the investigation through till the end
  • Challenge you to push the bounds of our security program and your own talents

Key Responsibilities:

  • Monitor and analyze security events from networks, applications, hosts, and databases
  • Perform proactive research and identification of security anomalies
  • Work with the team to develop and deliver table-top exercises
  • Participate in regular threat hunting exercises
  • Assess security incidents and assist Yahoo business units to remediate issues
  • Work with a variety of security technologies including IDS, firewalls, EDR, etc.
  • Contribute to the overall security posture of Yahoo
  • Work to tune signatures and develop new use cases for finding badness
  • Evaluate new log sources for security detection value and develop potential use cases
  • Continue to focus on process improvement including developing playbooks
  • Work on special projects as needed
  • Participate in a 24x7 on call rotation

Requirements:

  • Preferred to have at minimum 5+ years of experience as a SOC/IR Analyst
  • In-depth experience with Mac and Linux systems and services
  • Strong background in security fundamentals including network and host forensics, log analysis, and malware triage
  • Having the knowledge and experience to be a shift lead
  • A passion for the field of information security and incident response
  • Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and attack patterns
  • An ability to work independently and communicate via technology
  • Excellent written and verbal communication skills along with the ability to communicate complex, technical information to both technical and non-technical audiences

Desired:

  • Experience with Databricks or Event Monitoring (SIEM) solutions
  • Experience in shell scripting, Python, or similar tool and automation languages

The material job duties and responsibilities of this role include those listed above as well as adhering to Yahoo policies; exercising sound judgment; working effectively, safely and inclusively with others; exhibiting trustworthiness and meeting expectations; and safeguarding business operations and brand integrity.

At Yahoo, we offer flexible hybrid work options that our employees love! While most roles don’t require regular office attendance, you may occasionally be asked to attend in-person events or team sessions. You’ll always get notice to make arrangements. Your recruiter will let you know if a specific job requires regular attendance at a Yahoo office or facility. If you have any questions about how this applies to the role, just ask the recruiter!

Yahoo is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. Yahoo will consider for employment qualified applicants with criminal histories in a manner consistent with applicable law. Yahoo is dedicated to providing an accessible environment for all candidates during the application process and for employees during their employment. If you need accessibility assistance and/or a reasonable accommodation due to a disability, please submit a request via the Accommodation Request Form (www.yahooinc.com/careers/contact-us.html) or call +1.866.772.3182. Requests and calls received for non-disability related issues, such as following up on an application, will not receive a response.

We believe that a diverse and inclusive workplace strengthens Yahoo and deepens our relationships. When you support everyone to be their best selves, they spark discovery, innovation and creativity. Among other efforts, our 11 employee resource groups (ERGs) enhance a culture of belonging with programs, events and fellowship that help educate, support and create a workplace where all feel welcome.

The compensation for this position ranges from $111,000.00 - $231,250.00/yr and will vary depending on factors such as your location, skills and experience. The compensation package may also include incentive compensation opportunities in the form of discretionary annual bonus or commissions. Our comprehensive benefits include healthcare, a great 401k, backup childcare, education stipends and much (much) more.
