Netflix is looking to mature and expand its detection frameworks, platforms, and portfolio to minimize risk by proactively surfacing malicious or anomalous behavior and identifying attacker presence or activity.
Requirements
- Significant experience writing detections at scale using a detection-as-code approach
- Software engineering experience in a cloud-based environment and ability to contribute to our in-house platforms that are written in Python
- Familiarity with SQL/Hive and handling large data sets, in particular unstructured log data
- Familiarity with computer and network security concepts
- Experience working in a continuous integration and continuous delivery, cloud-based environment
- Experience working in AWS needed; experience with other IaaS providers is a plus
- Experience writing and tuning AWS detections is a plus
Responsibilities
- Analyzing high-risk attack paths that could have substantial impact on Netflix
- Creating focused detections to reduce risk to the business
- Maturing and expanding detection frameworks, platforms, and portfolio
- Creating and continually improving detections that run on our own platforms
- Proactively surfacing malicious or anomalous behavior to identify attacker presence or activity
- Using a risk-based prioritization mindset to focus efforts and generate the largest impact and benefits for Netflix
- Creating compensating detective controls in order to shorten the time to discovery
Other
- Excellent written and verbal communication skills
- Comfortable working on ambitious projects with a very small, tight-knit team
- Ability to effectively operate across teams and disciplines in a highly ambiguous and rapidly changing environment
- Must be willing to work in a unique culture and environment
- Must be willing to participate in an equal-opportunity employer and celebrate diversity