Senior Security Detection Engineer

Gong unlocks reality to help people and companies reach their full potential. The patented Gong Reality Platform™ empowers companies to take advantage of their most valuable assets – customer interactions, which the Gong platform automatically captures and analyzes. Gong then delivers insights at scale, empowering revenue and go-to-market teams to determine the best actions for winning outcomes. Thousands of innovative companies like Morningstar Inc., Paychex, LinkedIn, Shopify, Slack, Sprout Social, Twilio, and Zillow trust Gong to power their customer reality. Gong is an award-winning company and was recognized on the Deloitte Technology Fast 500, Forbes Cloud 100, LinkedIn Top Startups, and Great Places to Work lists in 2022.

As a member of security operations, you'll play a key role in ensuring trust and security are core to day-to-day operations. This will be a hands-on position as we mature our security team, and you will be responsible for improving and automating our security operations practices.

RESPONSIBILITIES

This is a blended role unique to Gong's threat landscape which encompasses not just the technology stack but also the broader team responsibilities. This role will be responsible for advancing the security program in multiple areas, security event management, threat hunting, threat intelligence, incident response, SIEM content creation, SIEM content tuning, security engineering, purple team activities, and forensics. The SecOps engineer will also support the deployment of new security technologies that will improve the overall security posture of Gong. The ideal candidate will have a strong background in scripting and automation, as well as experience in developing custom content within Snowflake to support our data analytics and reporting needs.

• Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against Gong's enterprise environment
• Develop new detection logic and tune existing sensors/security controls.
• Actively research cybersecurity exploits, vulnerabilities, techniques, and tactics
• Analyze and tune logs, events, and SIEM alerts, identifying trends and patterns that may require early action
• Perform incident response investigation from escalated events on various workloads / systems
• Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
• Coordinate security investigations, endpoint containment, and other response activities with business stakeholders and support teams.
• Work with security solutions owners to assess existing security solutions array ability to detect/mitigate the IOCs, and TTPs.
• Responsible for deploying and supporting tools to collect and correlate security telemetry.
• Leverage automation & APIs where possible in support of SecOps, IR and the security program. (As needed)
• Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material.
• Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
• Generate reports for both technical and non-technical staff and stakeholders
• Assist with internal and external audits relating to information security
• Comply with HIPAA and SOC-II, Diversity Principles, Corporate Integrity, Compliance Program policies, and other applicable corporate and departmental policies.

QUALIFICATIONS

• 7+ years of security operations experience
• Experience with threat hunting and incident response in a cloud environment
• In-depth knowledge of SIEM (Security Information Event Management)
• Experience with Snowflake data warehousing and analytics platform
• Experience in developing custom content within Snowflake, including stored procedures, user-defined functions, and complex SQL queries
• AWS Experience including Guard Duty
• Familiar with EDR tools to remotely remediate endpoints
• Familiarity with attack frameworks and mitigation
• Knowledge of Snowflake and SQL language is a plus
• Relevant security certifications such as CISSP, CISM, or GCIH are a plus

PERKS & BENEFITS

• We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family's needs.
• Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
• Mental Health benefits with covered therapy and coaching.
• 401(k) program to help you invest in your future.
• Education & learning stipend for personal growth and development.
• Flexible vacation time to promote a healthy work-life blend.
• Paid parental leave to support you and your family.
• Company-wide recharge days each quarter.
• Work from home stipend to help you succeed in a remote environment.

Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

To review Gong's privacy policy, visit www.gong.io/privacy-policy/ for more details.