Security Threat Intelligence

New York City
Engineering
Full-time

About Frame.io
At Frame.io, we’re powering the future of creative collaboration. Over 400,000 video professionals use Frame.io to seamlessly share media and gather timestamped feedback from team members and clients. Simply put, we help companies create better video, together.

Frame.io is backed by Accel, SignalFire, Jared Leto and a host of other phenomenal investors. We've built a highly functional and market-leading product used and loved by companies such as Turner, Facebook, Disney, Spotify, NASA, Snapchat, BBC, BuzzFeed, TED, Adobe, Udemy, and many more.

We’re still in the early days of transforming the way the world collaborates on video, and we are on the hunt for talented individuals to help us achieve our vision.

About You
We are looking for a highly motivated, adaptable and talented Threat Intelligence Engineer to join and help build and scale our security function. Your work will directly impact the experience of our highly passionate creator community. We are looking for natural innovators who strive to continuously improve and learn.

Requirements

    • 5+ years of experience in detecting and responding to attacks.
    • Able to solve large, complex technical problems
    • Strong attention to detail and care about quality and testing
    • Excellent written and verbal communication skills; people are delighted when they read your blog posts, threat reports and/or postmortems
    • Self-driven, autonomous and can contribute to the strategy and roadmap of the team
    • Experience in one or more programming languages (Python, Node.js, Elixir) and shell scripting
    • Detecting and responding to evolving threats requires visibility into the system and infrastructure. You will collect, develop, refine and deploy Threat Intelligence to products.
    • Experience in analyzing and correlating large security datasets in the cloud using ElasticSearch
    • You will develop threat reports to inform stakeholders, projects and priorities
    • Experience in security and incident response automation
    • Experience in AWS and its services

Responsibilities

    • Security Operations: It's important to detect security incidents before they cause material damage to the business. You will prioritize, analyze and drive alerts to resolution. In the event an alert is identified as a security incident, you will kick off Incident Response.
    • Incident Response: You will rapidly scope, contain and eradicate threats, minimizing financial, legal, business and content losses. Services include but are not limited to log analysis, memory and disk forensics, reverse engineering, network containment, threat eradication and postmortems. You will also develop and refine processes, plans and procedures and partner closely with Legal, Comms and other stakeholders across the business.
    • Threat Intelligence: Instead of relying solely on a single data source or on indicators (IP, Domain), you will correlate various data sources and publicly accessible information (open source threat intelligence feeds) to create an end-to-end event chain.

Benefits

    • Competitive salary and equity
    • Medical, Dental, & Vision Insurance
    • Daily catered lunch & fully stocked kitchen with cold brew on tap and Whiskey Library
    • Unlimited PTO
    • Pre-tax commuter benefit
    • Discounted gym membership
    • Free Citi-Bike membership
    • Influence in a small, fast-paced team