ezCater is the world's largest online marketplace for catering, a $60+ billion market in the U.S. alone. Businesspeople use us to find and order great food for meetings and events; restaurants and caterers use us to grow their catering business. We're backed by Insight Partners, Iconiq Capital, Wellington, Lightspeed, and GIC, and in early 2019 we were valued at $1.25 billion. COVID slammed us, but we responded by finding new customer segments and seizing the rare opportunity COVID offered: when in life does a very successful operation get a do-over? Come help us power Food For Work even better than we did it the first time.
The Detection & Response (DART) function is vital to the security team: it is the primary mechanism for detecting, investigating, and containing attacks. Complementary teams such as Cyber Risk / Governance and Security Engineering help prioritize efforts and prevent attacks, respectively, but it is the DART team that must develop high-fidelity detections and perform continuous analysis to ensure the organization is protected from persistent attackers.
The Detection & Response function needs to continuously deploy new detection and response capabilities to keep pace with attackers, who are constantly developing new Tactics, Techniques, and Procedures (TTPs) to attack organizations.
What you'll do:
-Be the senior point of escalation for attack detection & response
-Establish operating procedures to detect & respond to cyber incidents from external threats
-Develop and/or engineer security detections as code
-Perform threat hunting using the MITRE ATT&CK Framework
-Mature the Fraud Prevention Program
-Lead the weekly security briefings
-Participate in the on-call rotation and perform hands-on investigations in collaboration with the security team and other organizational stakeholders
-Ensure all security investigations are triaged within SLA
-Ensure all security detection and response capabilities are operating within their defined SLOs
-Perform bi-weekly investigation retrospectives
-Report on Attack Management Metrics to the Director of Security
-Be a subject matter expert to other teams and assist as necessary with the design, implementation, deployment, and maintenance of scalable security controls and processes
-Work with other teams to identify, resolve, and mitigate vulnerabilities and risks.
-Work to solve security challenges at scale while balancing usability, stability, scalability, and performance.
-Create and maintain Detection & Response metrics for cross-functional stakeholders at every level, providing transparency into the effectiveness of the Detection & Response team
You have:
-Been an Incident Handler / SOC Engineer for at least five (5) years
-Worked on IR / CERT / SOC teams
-Experience working with leadership to design, implement, and manage security programs, roadmaps and initiatives
-Designed and led the migration from a traditional SIEM to SOAR
-Achieved detection parity with industry frameworks (MITRE ATT&CK, OWASP) for the Detection & Response function
-Experience with open source technologies and environments
-Developed detection and response actions for Account Takeover (ATO) and other frequent attack types
-Defended cloud-native organizations using cloud-first infrastructure tools, e.g. Kubernetes, Docker, serverless
-Experience with tools such as Palo Alto Prisma, AWS native security services, CrowdStrike, etc.
-Worked with one of the following compliance regulations or standards: SOC 2 Type 2, NIST CSF, SANS 20, and/or ISO 27001
-Experience taking a creative and pragmatic approach to security problems and integrating scalable security workflows with development teams
-Understanding of the scrum/agile framework
-Proficiency with scripting/developing in Python, Go, or Ruby
What you'll get from us:
You'll get a terrifically compelling opportunity, in an environment of radical transparency, open access to all the data, and collaborative colleagues at every level of our organization. You'll also get sane working hours and great flexibility around work/life balance.
Have people in your life of any age who always, often, or sometimes need your help? We make room for that. Have a bad thing or a good thing happen to you? We make room for that, too.
Oh, and you'll get all this: market salary, stock options that you'll help make worth a lot, the usual holidays, all-you-can-eat vacation, 401K with ezCater match, health/dental/FSA, long-term disability insurance, a great office in the heart of Boston or Denver that you can't use until COVID lightens up, a tremendous amount of responsibility and autonomy, wicked awesome co-workers, cupcakes (and many more goodies) once we get back to our offices, and knowing that you helped get this rocket ship to the moon.
ezCater is an equal opportunity employer. We embrace humans of every background, appearance, race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, and disability status. At the same time, we do not employ jerks, even brilliant ones.
For information on how ezCater collects and uses job applicants' personal information, visit our Job Applicant Privacy Policy.