Stack Overflow is growing fast, and our technology needs just keep getting bigger. We’re looking for an Information Security Analyst (ISA) to join our existing team and help us grow our Infosec program. As an ISA, you’ll bring a business and customer mindset to secure the company with automation and repeatable processes that partners with our lines of business and customers.
We’re looking for someone with experience in web application development environments, applying security controls, and implementing a variety of security tools to help us manage risk.
You will become knowledgeable on our products and collaborate on security requirements and controls with our product teams and answer security-related questions from our customers. We don’t expect you to know every other part of our stack coming in, so we’ll pair you with other members of the team to learn and develop your skills across our entire organization and product lines.
What you’ll work on:
- Providing guidance on secure server, network, and client system builds
- Learning and understanding the development process and architecture for our different products
- Contributing to our continuous improvement of incident response and vulnerability management
- Automating security operations
- Working with Legal and Sales teams on customer security requirements in products and services
- Documenting our ever-evolving systems and procedures
- ISO 27001 Annex A controls
Our ecosystem includes:
- Google Cloud Platform
- Azure Sentinel (SIEM)
- Rapid7 Nexpose
- Microsoft Intune
- Cisco and Meraki
- Linux Centos (RedHat Enterprise Linux RHEL)
- Mac and PC laptops
- WorkSpace One
- GitHub Enterprise
Skills & Requirements
We’re looking for:
- 2+ years experience working in a technical, hands-on information security, development, or systems role
- 2+ years of experience in web application development or infrastructure as code environments
- Coding or other scripting experience
- Strong written and verbal communication skills and a strong inclination to “document as you go”
- Familiarity with: Servers, Networking, DNS, SIEM, IDS, vulnerability management tools, and a variety of OS’s
- Great communication and people skills as you will need to interact with various internal teams and external customers
We like to see:
- Experience working both on a team and on independent projects
- Self-motivated and proactive
Also note: If this job interests you but you aren’t certain if you meet all of the requirements, apply anyway!
We’re a remote-friendly team. Whether you work remotely or work out of our New York office, you’ll be part of a remote work culture that emphasizes online communication (Slack, GitHub, Hangouts, Zoom, Stack Overflow for Teams). While we’re generally very flexible on working hours, living and working within GMT-7:00 to GMT+2:00 time zones (US through Europe) is required for scheduling and interaction with your team. We also believe in strong work-life balance and are focused on making sure you have a positive work experience, in-office or remotely.
What you’ll get in return:
- Flexible hours
- 20 days paid vacation + holidays
- Completely free health insurance – no copay, no premiums (US residents)
- Generous parental leave (12-16 weeks at 100% pay), family care leave, and unlimited sick days
- Employees will never be poked with a sharp stick
About Stack Overflow
Stack Overflow is the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. More than 50 million professional and aspiring programmers visit Stack Overflow each month to help solve coding problems, develop new skills, and find job opportunities.
We partner with businesses to help them understand, hire, engage, and enable the world’s developers. Our products and services are focused on developer marketing, technical recruiting, market research, and enterprise knowledge sharing.
We believe in hiring smart people and getting out of their way. We have an office in New York with some of the best amenities of any New York startup, and we have people who work remotely all over the world. We keep meetings and ceremonies to an absolute minimum.
Employment is conditioned upon successful completion of a background check and upon having the appropriate legal right to work.
Diverse teams build better products.
Legally, we need you to know this:
Stack Overflow does not discriminate in employment matters on the basis of race, color, religion, gender, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity.
But we want to add this:
We strongly believe that diversity of experience contributes to a broader collective perspective that will consistently lead to a better company and better products. We are working hard to increase the diversity of our team wherever we can and we actively encourage everyone to consider becoming a part of it.