Senior Security Operations Analyst

at  Coda Payments

WHAT WE DO

At Coda, we break down barriers between publishers and their audiences by thinking outside of the app. Coda is trusted by 300+ top digital content publishers – including industry giants Activision Blizzard, Bigo, Electronic Arts, Riot Games, and Zynga – to grow revenue, profit margins, and customer engagement in 60+ markets with ease. For publishers, this means less lift, more players and more payers. For players, Coda’s solutions allow them to pay for play their way.
Our winning formula? A laser-focused, pragmatic attitude coupled with an unwavering commitment to excellence. We are customer-centric, creative, and solution-oriented, always delivering to our users the top-tier entertainment content they want at competitive prices.
If you’re ambitious, bold and ready to take your career to the next level, get in touch!

REQUIREMENTS

• At least 8 years of experience in security operations, with 3-4 years of AWS cloud experience.
• In-depth knowledge of SIEM including setting up data ingestion models and pipelines.
• ElasticSearch experience is considered as an advantage.
• Familiarity with MITRE, NIST CSF frameworks.
• Deep understanding of packet analysis, HTTP/S traffic analysis
• Knowledge in scripting languages such as Python, Go.
• GCIA, GCIH, GCFA, GREM, GNFA, GCTI certification is a plus
• Excellent communication skills.

• Effectively use Security Information and Event Management (SIEM) to detect and investigate security incidents/alerts for vulnerabilities exploits, denial of service (DoS) attacks, malware attacks, network intrusions, authorization/authentication attempts, and other forms of data breaches
• Perform security review of applications, infrastructure, system, email, middleware, network, database logs, rules, or security settings to identify suspicious or abnormal activities
• Document and maintain comprehensive records of security incidents, including detailed analysis of incident timelines, impact assessments, and remediation actions taken
• Conduct real-time security investigations to initiate triage, containment, and remediation of security threats and other malicious activity
• Build and formalize a cyber threat intelligence framework to consist of TTPs, indicators of compromise, methodology, and classifications of strategic, tactical, and operational.
• Building and designing security incident playbooks and operating procedures, including providing communications with other teams, evidence collection, and other documentation
• Be able to maintain and build new data ingestion pipelines for the in-house SIEM.
• Kept informed of the evolving security threat landscape, including detailed technical knowledge about the most prevalent threat groups, malware, attack methods, and vulnerabilities.