This job has expired, please see additional jobs below
Paranoid Director of Defensive Engineering and Response (Red Team)
Yahoo!
New York, NY, United States
Description
Yahoo is a guide focused on making users' daily habits inspiring and entertaining. By creating highly personalized experiences for our users, we keep people connected to what matters most to them, across devices and around the world. In turn, we create value for advertisers by connecting them with the audiences that build their businesses.
A Little About Us
When you impact millions of people every day, you become a large target for adversaries in all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet.
We are the information security team at Yahoo. People call us “The Paranoids”.
This position reports to the CISO. In this role you will manage and grow a team of analysts who search for malicious activity on our systems and networks and respond to security events. You will also lead a team of engineers responsible for the development of the tools and systems to conduct proactive and reactive searching and analysis. You will participate in Red vs Blue exercises, and will take their results into future planning efforts. Your team will partner closely with our e-crime and advanced threats teams. You’ll also work with other Paranoid teams, Networking, IT, and of course all the product teams that build and maintain Yahoo systems and applications.
A Lot About You
Your Day
• Lead (with the Red team) retrospectives on Red/Blue team exercises to continuously improve the Blue team’s ability to detect, respond, and recover from security events.
• Recruit and mentor engineers to build and maintain systems to collect, store, and analyze vast quantities of data.
• Recruit and mentor analysts who proactively search for unauthorized access and respond to potential security incidents.
• Produce metrics that help guide not only the Defensive Engineering efforts, but other teams throughout the company.
What you bring
• Hands-on experience responding to security incidents
• Strong written and verbal skills
• Experience consuming and analyzing threat intelligence data
• Experience participating in or leading Red vs Blue team exercises
• Detailed understanding of attacker lifecycles and TTPs
• Strong understanding of security frameworks like NIST CSF
• Experience managing teams of at least 5 people
• Technical
1. Experience deploying and using tools such as OSQuery, GRR, Splunk, Hadoop, Chef
2. Detailed understanding of networking, operating system, and application security concepts
3. Experience collecting and analyzing computer forensics
4. Experience as a software developer is a plus