Security Analyst

San Francisco
General and Administrative
Full-time
THE CHALLENGE
Lever is hiring a Security Analyst to augment our growing Security Team. In this brand-new role you’ll be responsible for adapting, improving and scaling the Security Analyst functions during a period of significant growth (and beyond) for the company. Reporting to our Security Program Manager, you’ll bring your experience to build effective security solutions adhering to best practices and recognized control frameworks while optimizing for efficiency and quality.
The Security Analyst will focus on multiple security domains. We are a small team and your agility will ensure you keep pace with an ever-changing landscape.

THE OPPORTUNITY 
As the newest member of the Security Team, you will have the opportunity to architect and build solutions from scratch. You will be working closely with the Security Program Manager to build the technical components of the security roadmap as Lever continues to scale its workforce aggressively. You will engage in multiple facets of Lever’s security, from triaging alerts to vendor assessments. We value data at the core of the security program and you will have the opportunity to use your skills to produce actionable data. We never lose sight of our highest priority: ensuring that all Lever customer and company data is secure and available. These goals drive all that we do, and we’re excited to bring someone on board who will creatively build the perfect mix of secure and efficient systems. We know that the work you will do will have a transformative impact on both every contributor at Lever and every customer.

THE TEAM
Lever’s Security Team has executive support for an aggressive two-year roadmap built on an industry-standard control framework. We are a young team tasked with implementing controls, and our results are translated to Senior Management through metrics. As a small team, every day requires cross-domain knowledge. We place a high emphasis on skills development and you will have the opportunity to expand and refine your skill set on the job.

THE SKILL SET

    • We’re looking for someone with a builder mindset; confident in managing day-to-day operations but not content with the status quo. 
    • Commitment to Cyber Security Excellence proven through certifications like GSEC, GCIH, GCIA, CISSP, CCSK.
    • Experience performing technical analysis involving threat event data and evaluating malicious activity. 
    • Strong knowledge of commonly accepted information security principles and practices.
    • Strong knowledge of techniques malicious actors would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
    • Ability to effectively handle and prioritize requests from multiple departments while maintaining focus on personal and team goals.
    • Functional knowledge of at least two coding languages and a desire to drive efficiencies through programmatic solutions.

WITHIN 1 MONTH

    • Complete Ramp Camp, our comprehensive onboarding program designed to get you up to speed on all aspects of the business with a cross-functional cohort of new Leveroos. You'll learn about our business, product, vision and team and gain an understanding of how your role fits into Lever's broader organization.
    • In partnership with your manager, develop your own Objectives and Key Results. These will serve as your onboarding plan and will help you and your manager align and understand your impact and progress to goals. 
    • In conjunction with the team, categorize and prioritize data sources relevant to security metrics to create a project plan for centralization of security events
    • Familiarize yourself with our security roadmap and gain an understanding of the relationships between NIST CSF and ISO 27001 with special emphasis on the security functions appropriate for Lever’s maturity 
    • Create and implement automation for the collection of inventory information on hardware and software assets
    • Develop a regular reporting structure on compliance with information security policy in Corporate IT and Engineering Infrastructure to be shared with our Executive Team and Board of Directors.

WITHIN 3 MONTHS

    • Using network-based tools, identify assets that are not part of our systems inventory and develop a remediation path in consultation with IT and/or Infrastructure Engineering
    • Develop a data set on applications used in our environments using our state-of-the-art Endpoint Detection and Response tooling in preparation for application whitelisting
    • Evaluate deployments of automated patch management tools in both Corporate IT and Engineering Infrastructure and drive toward continual improvement against KPIs.
    • Combine data streams from across the organization to track vulnerabilities in applications and operating systems
    • Develop automated metrics to communicate the status of our vulnerability assessment program as needed. 

WITHIN 6 MONTHS

    • Use building blocks established during your first 3 months to implement the centralization of security data and events into an analytics platform to drive confidence in the security of our customer and internal data.
    • Augment our hardware and software inventory with an inventory of administrative accounts
    • Develop an action plan to execute in conjunction with Corporate IT to limit access to administrative accounts
    • Increase granularity of our access control matrix to limit the use of software development and scripting tools to users who require them to perform a business function
    • Functionalize collected logs to create alerts around security events like use of administrative accounts and attempts to use deactivated accounts
    • Using automated auditing tools, partner with corporate IT to create standard, hardened configurations for systems dependent on access role

WITHIN 12 MONTHS

    • Incorporate regular review and tuning of the analytics platform into routine security tasks. Continual assessment and improvement will be essential.
    • Focus efforts to secure the most common attack vectors into an organization; ensure alerting exists to properly identify security events around these vectors 
    • Further augment systems hardware and software inventories to include protocols and ports used across the organization and develop alerting to notify of deviations from inventory
    • Continually improve automation implemented in the first 6 months to identify gaps and produce reporting
    • Continue refining system hardware and software inventories to include network boundaries; identify areas where boundaries have become irrelevant

IS THIS ROLE NOT AN EXACT FIT?
Sign up to stay in touch; we’ll let you know when we have new positions on the team.


THE LEVER STORY
Lever builds modern recruiting software for teams to source, interview, and hire top talent. Our team strives to set a new bar for enterprise software with modern, well-designed, real-time apps. We participated in Y Combinator in summer 2012, and since then have raised $73 million. As the applicant tracking system of choice for Netflix, Eventbrite, ClearSlide, change.org, and thousands more leading companies, Lever means you hire the best by hiring together.

Lever is an equal opportunity employer. We are committed to providing reasonable accommodations and will work with you to meet your needs. If you are a person with a disability and require assistance during the application process, please don’t hesitate to reach out! We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives. Learn more about our team culture and commitment to diversity and inclusion.