** This position can be remote for anyone in the U.S. **
The Information Security team's mission is to build and protect stakeholder trust - customers, employees, investors - in our business, especially where technology is involved. Security at The RealReal has a unique value in reinforcing trust in the stewardship that is core to the business. We do this by guiding the right organizational security risk decisions and partnering with technology and business teams. We bring integrity, knowledge, and a passion for technology.
We are looking for a Senior Cyber Defense Engineer to play an integral part in our enterprise cyber defense program. This is a technical, hands-on role in a dynamic, fast-paced environment. You'll partner with application and system owners to report, review, and triage vulnerabilities, drive remediation, and improve our current processes by leading configuration and integration efforts. Come join us in building better security for a company that lives its values of ecology, economy, and quality.
What You Get To Do Every Day
- Monitor the SIEM for suspicious events and anomalous activity
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activity, and misuse, and distinguish these incidents and events from benign activity
- Configure data pipelines in the cloud and transport data into data lakes for analysis
- Configure and integrate SaaS tools, EDR, and firewalls to centralize the vulnerability management program
- Code against APIs (data extraction), write scripts, and automate workflows (a plus)
- Document and manage cyber events in ticketing systems
- Assist in incident response procedures
- Review and triage vulnerabilities, and drive remediation efforts across IT, engineering, and product teams
- Manage vulnerability remediation lifecycle
- Track, report and improve the vulnerability remediation process
- Configure logging, and capture and analyze cyber events from technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, cloud hosting environments, etc.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
What You Bring To The Role
- 5+ years of relevant experience and a Bachelor's degree in Computer Science, Information Technology, or Data Science
- Proficiency with Python programming language
- Experience with SIEM, configuring and maintaining threat use cases
- Strong understanding of EDR and vulnerability scanning tools, and experience writing queries (SQL)
- Comfortable working in Mac/Unix/Linux environments
- Familiarity with common security vulnerabilities (CVE/CVSS) and the ability to judge their severity and impact on the business
- Participation in on-call rotation periodically which may involve non-traditional working hours
- Cloud certifications and familiarity with AWS and GCP
- Malware Analysis experience
- Experience setting up honeypots and packet sniffers
- Eagerness to be hands-on with cybersecurity tools and assist with configuration tasks
- Cybersecurity certifications (ISC2, GIAC, SANS)