Senior Threat Detection Analyst

Reddit is a community of communities. It’s built on shared interests, passion, and trust and is home to the most open and authentic conversations on the internet. Every day, Reddit users submit, vote, and comment on the topics they care most about. With 100,000+ active communities and approximately 82M+ daily active unique visitors, Reddit is one of the internet’s largest sources of information. For more information, visit redditinc.com.

Reddit is a community of communities. It’s built on shared interests, passion, and trust and is home to the most open and authentic conversations on the internet. Every day, Reddit users submit, vote, and comment on the topics they care most about. With 100,000+ active communities and approximately 82M+ daily active unique visitors, Reddit is one of the internet’s largest sources of information. For more information, visit redditinc.com.

Location: Bangalore, India 

Reddit is continuing to grow our teams with the best talent. This role islocated in Bangalore, India.. If you happen to live close to one of our physical office locations, our doors are open for you to come into the office as often as you'd like. 

Team Description

The SPACE (Security, Privacy, And Compliance Engineering) team defends Reddit’s employees and compute assets to make Reddit the most trustworthy place for online human interaction.  We look for humble experts with a relentlessly resourceful and entrepreneurial “can do” perspective. If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you.

Role Description

This is a Threat Detections role within the SPACE Security Intelligence Center. We are incident commanders with product administration experience who analyze security threats, build detections, and respond to security events. We value builders and software engineers with broad and deep technical knowledge, specifically in the fields of insider threat, data analytics, system forensics, malware analysis, threat hunting, threat intelligence, and application, endpoint, & cloud/infrastructure security. Security is tough, diversity is key, so unique experience is highly valued!

If you are passionate about data, security, threat models, and building creative mitigations, we need you. The ideal candidate has a strong coding background and has worked as part of a Computer Security Incident Response Team (CSIRT). We are looking for those with experience building creative detections and response automations, mapping detections to various security models, and using automation to validate detections are working. You will help build a scalable detection and incident response system to analyze security events and find anomalies across Reddit’s technical ecosystem (endpoints, cloud, and SaaS).

Some of our present and future work include:

• Building new and more powerful detection validation automations (Purple Team)
• Automating threat intel hunting as part of response processes
• Empowering admins and engineers through robust and distributed response runbooks
• Promoting Reddit’s unique combination of Privacy & Security
• Working across teams to ensure initiatives are greater than the sum of their parts

What You’ll Do:

• Monitor and respond to security alerts, Join the on-call rotation
• Analyze security events and build runbooks and automations
• Hunting for indicators of compromise
• Triage new threat vectors and identify detection opportunities
• Develop, enhance, and implement detections and the system that validates detections

Who we want you to be:

• Security analyst with hands on experience triaging security alerts and building runbooks
• Strong programmer with skills in Go/Python/shell scripts and knowledge of SQL/BigQuery/Sigma
• Developer familiar with git and cloud tools like Terraform, Ansible, or associated concepts
• Red/Blue/Purple team analyst with experience validating threat detections and hunting for IOCs
• Admin or customer support expert with 1+ years managing Security Tools, MacOS, Windows, Linux, &/or Cloud infrastructure
• Security wizard with 3+ years of experience within one or more areas: detections engineering, threat intelligence, endpoint hardening, device management, network/vpn/proxy/zero trust, XDR/EDR, DLP, insider threat processes, email security, forensic analysis, reverse engineering, data engineering, penetration testing
• Human not reliant on ChatGPT to communicate effectively with business representatives, explaining security topics (ELI5)

Benefits:

• Retirement Benefits (Employee Provident Fund scheme)
• Workspace benefits for your home office
• Personal & Professional development funds
• Family Planning Support
• Flexible Vacation & Reddit Global Days Off

Your salary will be commensurate with your experience

 

Reddit is proud to be an equal opportunity employer, and is committed to building a workforce representative of the diverse communities we serve.  Reddit is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at ApplicationAssistance@Reddit.com.