Job Description
What We DoAt Coda, we break down barriers between publishers and their audiences by thinking outside of the app. Coda is trusted by 300+ top digital content publishers – including industry giants Activision Blizzard, Bigo, Electronic Arts, Riot Games, and Zynga – to grow revenue, profit margins, and customer engagement in 60+ markets with ease. For publishers, this means less lift, more players and more payers. For players, Coda’s solutions allow them to pay for play their way.
Our winning formula? A laser-focused, pragmatic attitude coupled with an unwavering commitment to excellence. We are customer-centric, creative, and solution-oriented, always delivering to our users the top-tier entertainment content they want at competitive prices.
If you’re ambitious, bold and ready to take your career to the next level, get in touch!
Responsibilities
- Effectively use Security Information and Event Management (SIEM) to detect and investigate security incidents/alerts for vulnerabilities exploits, denial of service (DoS) attacks, malware attacks, network intrusions, authorization/authentication attempts, and other forms of data breaches
- Perform security review of applications, infrastructure, system, email, middleware, network, database logs, rules, or security settings to identify suspicious or abnormal activities
- Document and maintain comprehensive records of security incidents, including detailed analysis of incident timelines, impact assessments, and remediation actions taken
- Conduct real-time security investigations to initiate triage, containment, and remediation of security threats and other malicious activity
- Build and formalize a cyber threat intelligence framework to consist of TTPs, indicators of compromise, methodology, and classifications of strategic, tactical, and operational.
- Building and designing security incident playbooks and operating procedures, including providing communications with other teams, evidence collection, and other documentation
- Be able to maintain and build new data ingestion pipelines for the in-house SIEM.
- Kept informed of the evolving security threat landscape, including detailed technical knowledge about the most prevalent threat groups, malware, attack methods, and vulnerabilities.
Requirements
- At least 8 years of experience in security operations, with 3-4 years of AWS cloud experience.
- In-depth knowledge of SIEM including setting up data ingestion models and pipelines.
- ElasticSearch experience is considered as an advantage.
- Familiarity with MITRE, NIST CSF frameworks.
- Deep understanding of packet analysis, HTTP/S traffic analysis
- Knowledge in scripting languages such as Python, Go.
- GCIA, GCIH, GCFA, GREM, GNFA, GCTI certification is a plus
- Excellent communication skills.