Security Incident Response Analyst

Working at Atlassian

Atlassians can choose where they work whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.

To help our teams work together, this role requires you to be located in Poland. This role can be performed remotely or onsite in our office in Gdańsk. You can also work remotely worldwide for a maximum of 90 days per year.

We are looking for an Incident Responder with robust technical skills, expertise in threat analysis, and experience responding to security incidents from initial triage to containment. As an Incident Response Analyst you'll be watching over our corporate environment and cloud services, hunting for signs of compromise, safeguarding the data and systems belonging to Atlassian, as well as those of our Customers and Partners. More than that, you'll be leading security incidents, responding to security threats, developing and automating response strategies, and collaborating with cross-functional teams to enhance our security posture, and crushing security problems you care about.

• Act as an escalation point for security incidents, collaborating with stakeholders and communicating updates while actively working towards the resolution of incidents.
• Investigate and analyze log data stemming from security events across multiple sources to determine signs of compromise.
• Conduct post-incident reviews to analyze the root cause, assess the response, and recommend improvements.
• Participate in the on-call roster for security incident response.
• Deliver technical solutions to mitigate security incidents and enhance incident response capabilities.
• Advocate for security best practices and secure coding standards across the organization.
• Conduct threat hunts to identify new attack vectors and develop strategies to counteract them.
• Research tools and tactics employed by threat actors.
• Build and maintain tools and systems to automate response processes and improve efficiency.
• Develop and maintain security incident response playbooks and standard operating procedures.
• Lead evidence collection and forensic analysis during incidents.
• Conduct tabletop exercises and simulations to test and improve incident response readiness.

• 3+ years of experience in any security domain: Operations, Incident Response, Detection Engineering, Threat Research, or Engineering.
• Relevant work experience for responding to incidents and conducting investigations
• Fluency in any modern programming languages (preferably Python, Ruby, Java or Go) or experience scripting to complete security tasks
• Experience with AWS, GCP, or a similar cloud service platform
• Self-motivated and results-oriented
• Experience building and delivering projects from start to finish
• Passion for collaboration and strong interpersonal skills
• Specialization in one or more areas: malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
• Contributions to the security community or open source projects
• Excellent written and verbal communication skills, including the ability to explain technical issues to non-technical stakeholders.