Security Analyst, Security Operations (Threat Hunting, Operations, and Response)

GitHub's many features give it a broad attack surface that make it a popular target for malicious hackers, spammers, and fraudsters. Hackers know that we protect the key intellectual property of a massive number of companies and people. Spammers love the many vectors for delivering rich content through the platform: from creating spam on gists, issue comments, and user profiles to even opening pull requests to add ads to repositories. Fraudsters seek to profit by abusing GitHub and third-party integrators for monetary gain. This large and varied attack surface gives GitHub an interesting and unique set of problems to solve.

About Us

The mission of the Platform Health team is to protect the health, safety, and integrity of the GitHub platform from abuse at scale, which establishes and preserves trust for the users, communities, integrators, and businesses that rely on GitHub. As a Security Analyst within GitHub's Platform Health team you will use data to understand and detect abuse, build systems to automate detection, shape data collection processes, and advise product teams on best practices for making their products more resilient to abuse.

The team of Platform Health analysts is self-driven and autonomous while being highly collaborative. This is a talented team that values learning, work-life balance, and tackling interesting challenges, which are in no short supply given our evolving, adversarial problem space. The team's strength lies in the culture of high trust and empathy in which we operate, as well as the excitement and joy in the work we do.

What We Value

• Collaboration: We believe the best work is done together.
• Empathy: We believe in putting people first.
• Quality: We believe in setting the standard for excellence.
• Positive Impact: We believe in making the world a better place through our work.

Responsibilities

• Conduct exploratory analyses to identify patterns of illegitimate content and behavior
• Work closely with engineers to define requirements for tooling improvements
• Partner with other teams within GitHub to solve problems at scale
• Review new products and provide consultation to product teams
• Build and maintain classifiers (rule-based and machine learned) to detect illegitimate content and behavior

Note: In this position, you may encounter pornographic or otherwise offensive content.

Minimum Qualifications

• Strong data analysis skills
• Excellent written and verbal communication skills
• A working knowledge of regular expressions and SQL
• Practical software development skills (e.g., Linux command line, Python, etc.)
• At least two years of work experience

Desirable Experience

• Experience in detecting spam, fraud, or abusive activity at scale
• Experience using Git and GitHub
• Experience working within a Security team
• Experience building content and behavior classifiers (rule-based or machine-learned)
• Experience with content analysis, pattern recognition, or applied statistics

(Colorado only*) Minimum salary of $90,700 to maximum $221,500 + bonus + equity + benefits.· Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in Colorado. 

Location: In this role, you can work remotely from anywhere in the United States or onsite in one of GitHub’s U.S. offices (San Francisco, Bellevue, Raleigh).

#LI-Remote 

Who We Are:

GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.