Sr. Security Operations Analyst, Threat Detection and Hunt

    • San Francisco, CA

THE COMPANY:

JUUL Labs’ mission is to impact the lives of the world’s one billion adult smokers by eliminating combustible cigarettes. We have the opportunity to address one of the world’s most intractable challenges through a commitment to exceptional quality, research, design, and innovation. Backed by leading technology investors, we are committed to the same excellence when it comes to hiring great talent.

We are a diverse team that is united by this common purpose and we are hiring the world’s best engineers, scientists, designers, product managers, operations experts, and customer service and business professionals. If the opportunity to build your career at one of the fastest growing companies is compelling, read on for more details.

 

Location:  preferably SF, or NY, Seattle, Austin

 

ROLES AND RESPONSIBILITIES

The Senior Threat Detection and Hunt expert for JUUL Labs has operational and engineering responsibilities to perform threat hunting for malicious activities across the JUUL network, endpoints, public cloud, and SaaS applications. Responsibilities include building or configuring cyber security threat intel and detection capabilities in a cloud-native environment. In this role, you will focus on leveraging and automating user and system activity monitoring tools to hunt for threats and assist with mitigation.

You will work closely with the penetration testing, cloud infrastructure, application development, and other operational teams to execute technical threat research and hunting tasks, and partner with the Incident Response (IR) and Risk Management group to ensure alignment to policies, and IR best practices.

  • Partner with the Offensive Security team on active or emerging threats
  • Leverage Threat Intelligence (TI) tools and techniques to hunt for threats
  • Research and implement techniques for threat detection and response in a cloud-native, rapidly evolving environment
  • Act as a subject matter expert during incident post-mortems to educate stakeholders and drive improvements in detection and response capabilities
  • Ability to develop and maintain custom detection queries using cloud-native data platforms in AWS or GCP.
  • Perform deep dive analysis of logs and malicious artifacts
  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
  • Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale
  • Pursue actionable intelligence on current threats as they relate to JUUL’s digital assets
  • Perform Insider Threat analysis
  • Analyzing and responding to bug bounty findings
  • Generate professional security reports and threat bulletins for the firm

PERSONAL AND PROFESSIONAL QUALIFICATION

  • Expert knowledge of AWS and/or GCP security controls, APIs, and logging capabilities
  • Experience building automation and tools for cloud-based security analysis and incident response across multiple cloud providers and SaaS platforms
  • Experience running threat hunting activities across a large environment with distributed providers, log sources, and assets.
  • Expertise in threat hunting in one or more public cloud solutions such as AWS and GCP
  • Familiar with attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to hunts, investigations, and incident response.
  • Strong understanding of endpoint security solutions including AV, DLP, and EDR
  • 4+ years of experience in a threat intel, detection, IR, or similar cyber security roles.
  • Experience handling and building a SOAR such as Demisto, Phantom, or Walkoff.
  • Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify needs

KEY ATTRIBUTES NECESSARY FOR SUCCESS:

  • Strong analytical mind
  • Ability to deal with ambiguity, in addition to, learn and be curious
  • Relevant certifications such as CISSP, CEH, GPEN, GSEC, OSCP
  • Excellent communication skills
  • Flexible and dynamic team player
  • Self-starter with the ability to focus on tactical execution to get the job done
  • Consultative mindset, with the ability to influence without direct authority, and to develop strong cross-functional partnerships

EDUCATION:

  • BS in Computer Science or similar technology focused coursework (MS pref'd)

JUUL LABS PERKS & BENEFITS:

  • A place to grow your career. We’ll help you set big goals - and exceed them
  • People. Work with talented, committed and supportive teammates
  • Equity and performance bonuses. Every employee is a stakeholder in our success
  • Boundless snacks and drinks
  • Cell phone subsidy, commuter benefits and discounts on JUUL products
  • Excellent medical, dental and vision benefits
JUUL Labs is proud to be an equal opportunity employer and is committed to creating a diverse and inclusive work environment for all employees and job applicants, without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. We will consider for employment qualified applicants with arrest and conviction records, pursuant to the San Francisco Fair Chance Ordinance. JUUL Labs also complies with the employment eligibility verification requirements of the Immigration and Nationality Act. All applicants must have authorization to work for JUUL Labs in the US.

JUUL Labs' mission is to improve the lives of the world’s one billion adult smokers.

JUUL Labs Company Image


Back to top