Security Engineer, Security Operations Center

Confidence can sometimes hold us back from applying for a job. Here’s a secret: there's no such thing as a "perfect" candidate. Poshmark is looking for exceptional people who want to make a positive impact through their work and help create an organization where everyone can thrive. So whatever background you bring with you, please apply if this role would make you excited to come to work every day.

Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, pets, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of ecommerce, Poshmark makes buying and selling simple, social, and sustainable. 

Security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 80 million Community members. As an Application Security Engineer, you will collaborate with other security and engineering teams on identifying vulnerabilities in our application while improving visibility and implementing application security best practices throughout SDLC.

Responsibilities

• Monitor and analyze security event logs/alerts to identify security incidents
• Lead security incident investigation, containment, eradication, and recovery
• Uncover root causes of sophisticated security incidents and targeted attacks that span systems, network, and code
• Improve our detection and incident response capabilities through automation
• Create playbooks for standard events to simply investigations
• Fine tune alerts to reduce false positives and automate responses to alerts
• Collaborate with SRE and and other security teams to remediate issues
• Managing SIEM to add, improve alerts and other capabilities
• Implementing security monitoring solutions across Poshmark environments
• Threat hunting to find malicious activities
• Use IOCs and other information to enrich data
• Working on other SOC related projects

Minimum Qualifications

• 1-2 years of experience in an information security role.
• Experience with security tools and technologies, such as SIEMs, firewalls, intrusion detection systems, and vulnerability scanners.
• Experience with incident response and remediation.
• Experience with cloud security.

Preferred Qualifications

• Experience with Incident Response, Malware Analysis, Threat Hunting
• Experience in SRE or DevOps/SecDevOps 
• GCIA or relevant certifications
• Experience in scripting (Python, Bash) will be a plus

6-Month Accomplishments 

• Continuously perform security incident investigation, containment, eradication, and recovery. This includes identifying and responding to security incidents, containing the spread of the incident, eradicating the malware or other malicious code, and recovering the affected systems.
• Stay up-to-date on the current IT threat landscape and upcoming trends in security. This involves reading security blogs and articles, attending security conferences, and subscribing to security mailing lists. You should also use security tools and services that provide threat intelligence.
• Write new high-fidelity detections and incident response playbooks. This includes writing new rules and playbooks for your organization's security tools to help detect and respond to security incidents. You should have a deep understanding of your organization's security infrastructure and be familiar with the latest security threats and attack vectors.

12+ Month Accomplishments

• Reduce Mean-Time-to-Detect (MTTD) and Mean-Time-to-Respond (MTTR) through automation.
• Improve Security Operations Posture by continuously improving detections, writing high fidelity detections and maintaining up to date Incident Response Playbooks.
• Working on Projects that will help shore up the Security Operations Posture

About Us

Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, pets, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of e-commerce, Poshmark makes buying and selling simple, social, and sustainable. Its community of more than 80 million registered users across the U.S., Canada, Australia, and India, is driving the future of commerce while promoting more sustainable consumption. For more information, please visit www.poshmark.com, and for company news and announcements, please visit investors.poshmark.com. You can also find Poshmark on Instagram, Facebook, Twitter, Pinterest, and YouTube.

Why Poshmark?

At Poshmark, we’re constantly challenging the status quo and are looking for innovative and passionate people to help shape the future of Poshmark. We’re disrupting the industry by combining social connections with e-commerce through data-driven solutions and the latest technology to optimize our platform. We’re nothing without our amazing team who deliver an unparalleled social shopping experience to the millions of people we connect each day.

We built Poshmark around four core values: 1) focus on people to create empowered communities that drive success; 2) together we grow to support each other to strive for our dreams; 3) lead with love to foster genuine connections built upon a foundation of respect; and 4) embrace your weirdness to accept and empower one another on their own unique journey. We’re invested in our team and community, working together to build an entirely new way to shop. That way, when we win, we all win together. Come help us build the most connected shopping experience ever.  We will set you up with comprehensive global and in-country benefits to support you and your family needs.

Poshmark is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

View Poshmark's Job Applicant Privacy Policy here.