Security Operations and Incident Manager

Upwork is the world's largest freelancing website. Each year $1.5 billion of work happens through Upwork, allowing businesses to get more done and helping professionals break free of traditional time and place boundaries and work anytime, anywhere on projects they love. At Upwork, you'll help build on this momentum. Together, we'll create economic and social value on a global scale, providing a trusted online workplace for businesses to connect with extraordinary talent and work without limits.

Are you a superstar security defender?  Would you like to work with advanced tools and lead a team?  We can use your skills and experience to defend against sophisticated attacks and keep our platform secure.  We need your disciplined, methodical approach towards incident response and security investigations.  

Your Responsibilities:

  • Responsible for implementing and managing the Security Operations Center and responding to known and suspected incidents
  • Responsible for implementing and operating incident response, investigations, coordinating responses, and developing remediation plans
  • Participate in audits and compliance efforts
  • The candidate is a key member of the Information Security and Privacy team

How to really knock our socks off:

  • Experience with building, running and operating security operations center
  • Experience with implementing and tuning enterprise SIEM
  • Demonstrated experience performing investigations on known and suspected incidents
  • Develop and mature security alerting and response for actionable security intelligence
  • Develop and update policies and procedures related to incident response and remediation
  • Consolidate threat intelligence feeds and inputs into a centralized repository
  • Develop partnerships with key stakeholders across the enterprise for escalation and remediation
  • Experience with analysis of logs to identify trends in attacks, targeting, and timing of suspicious/malicious activity
  • Guide team on remediation of vulnerabilities based on the alerts received
  • Ability to manage and mentor global SOC analysts


  • At least 5-7 years of professional experience in incident detection and response, malware analysis, or cyber forensics
  • Extensive experience in at least one SIEM technology
  • Extensive experience in incident response, log analysis, network traffic packet analysis, and email analysis
  • Should be able to use advanced forensic tools and techniques for attack reconstruction, and possess network security architecture and domain knowledge to develop systems and exploitation methods
  • Good understanding of network security architecture, incident detection and response, malware analysis, or cyber forensics
  • Good understanding in security control compliance, information risk management, or information systems risk assessment, and security tools implementation
  • Good understanding of working and log formats of technologies like Firewalls, IPS/IDS, Proxies, Active Directory, Operating systems, DLP, NAC etc.
  • Good understanding of Cloud Security concepts
  • One or more relevant security certifications (GCIH, GCIA, GCFE, GCFA, or comparable)

Come change how the world works.

At Upwork you’ll help shape the future of work. From our offices in San Francisco, Mountain View and Chicago, together we’re creating exciting new opportunities for a world of professionals. You’ll be part of a vibrant culture built on shared values: Inspire a boundless future of work, Put our community first, Have a bias towards action, and Build amazing teams. Along the way you’ll have fun and enjoy the perks of a people-first company: Work from Home Wednesday's, daily breakfast and lunch, regular in-office happy hours, top-notch benefits … and more. Check out Upwork’s spotlight on The Muse for a glimpse of our daily work/life balance.

Upwork is proudly committed to recruiting and retaining a diverse and inclusive workforce. As an Equal Opportunity Employer, we never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Back to top