Incident Response Analyst, Product Security
2 weeks ago
About GitHub
As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 330+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.Locations In this role you can work from Remote, United Kingdom
Overview
GitHub is changing the way the world builds software, and we want you to help change the way we secure GitHub. We are looking for an Incident Response Analyst with software development and/or product security experience to join our remotely distributed PSIRT focused on responding to security vulnerabilities and threats against the full suite of GitHub products.
Are you an exceptional problem solver that thrives in high pressure environments? Do you bring a beginner’s mindset and a passion for learning to everything you do? Would your friends and colleagues describe you as an exceptionally empathetic communicator? Are you interested in keeping up with emerging threats and trends in security? If so, you might be a great fit for our team
As an Incident Response Analyst, you will work alongside other members of the GitHub Security, Engineering, Legal, Public Relations, and Support teams to coordinate incident response across our platform. You will investigate anomalous activity, coordinate technical response and incident communications, and work to turn security incidents into opportunities to better secure GitHub and the internet at large through comprehensive incident retrospectives. You will ideate and implement improvements to our tooling and our processes. A successful applicant will have a desire to work collaboratively to drive diverse incident response teams consisting of technical and non-technical personnel and partner closely with cross-functional business units and application security professionals.
Responsibilities
Coordinate incident response activities across complex and varied environments
Triage: Take in reports and assess impact, risk, and priority
Mitigation: Identify and work with engineering service owners to quickly address active vulnerabilities
Scoping: Analyze the impact of product vulnerabilities and search for evidence of compromise using KQL, Splunk, and code search
Notification: Coordinate with Legal, Public Relations, and Customer Support to craft timely communications to our customers to transparently provide guidance and awareness of security events
Post-mortem: Maintain detailed documentation of security incidents including timelines, findings, and remediation steps; track post-incident repair items for hardening GitHub’s security posture
Participate in a 24x7x365 first responder rotation to triage incoming reports
Partner with product security and engineering teams to evaluate application security issues and drive long-term risk reduction through incident remediation
Participate in development and execution of initiatives to improve and mature the PSIRT program including process updates, automations, and relationship building
Work with stakeholders throughout security and engineering to develop and improve GitHub's Security Development Lifecycle
Qualifications
Required Qualifications:
Some years experience working in software development and familiarity with CI/CD environments, git and GitHub, Third-party package management OR a Bachelor's degree in Computer Science, Information Security, or related field
Experience in common security vulnerabilities, attack vectors, forensic log analysis in Splunk, relational databases or structured query languages disciplines with deep experience in one or more
Experience collaborating with multiple groups such as internal business or engineering units, customers, and/or vendors to drive results
Excellent communication and documentation skills, with the ability to convey complex technical concepts to both technical and non-technical audiences
Preferred Qualifications:
Curiosity and a passion for learning, with a commitment to staying current on emerging security threats and trends
Exceptional problem-solving skills, with a demonstrated ability to thrive in high-pressure situations and create structure from chaos
Experience writing external facing communications
Experience in Ruby, Python, Bash, or Powershell
Experience assessing large scale production web applications
Experience working with distributed teams
Experience on a PSIRT or application security team
GitHub values
- Customer-obsessed
- Ship to learn
- Growth mindset
- Own the outcome
- Better together
- Diverse and inclusive
Manager fundamentals
- Model
- Coach
- Care
Leadership principles
- Create clarity
- Generate energy
- Deliver success
Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
Join us, and let’s change the world, together.
#J-18808-Ljbffr
-
Product Security Intelligence Analyst
2 weeks ago
United Kingdom Everything Full timeHome Jobs Product Security Intelligence Analyst Jobs In London United Kingdom Product Security Intelligence Analyst Jobs in London, United Kingdom Home Jobs Product Security Intelligence Analyst Jobs In London United Kingdom Product Security Intelligence Analyst Jobs in London, United Kingdom The Product Security Intelligence Analysts will execute...
-
Cyber Security Monitoring Analyst
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and mitigating a recent security breach within our university...
-
Cyber Security Monitoring Analyst
1 week ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and mitigating a recent security breach within our university...
-
Cyber Security Analyst
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and...
-
Cyber Security Analyst
Found in: Appcast UK C C2 - 1 week ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and mitigating a...
-
Cyber Security Analyst
Found in: Appcast UK C2 - 1 week ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and mitigating a...
-
Cyber Security Analyst
Found in: Whatjobs ES C2 - 4 days ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and...
-
Cyber Security Analyst
1 week ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and...
-
Cyber Security Analyst
Found in: Appcast Linkedin GBL C2 - 1 week ago
United Kingdom Burman Recruitment Full timeI am currently working with a leading Higher Education Institution on the search for an experienced Cyber Security Analyst (Incident Response) on a 12-month contract working fully remote. EXPERIENCE IN THE PUBLIC SECTOR IS RECOMMENDED As a Cyber Security Analyst specialising in Incident Response, you will play a crucial role in investigating and mitigating a...
-
Security Analyst
2 weeks ago
United Kingdom Wisetech Global Limited Full timeWiseTech Global is a world-leading software company building software for the global logistics industry. We are united in our mission to create breakthrough products that enable and empower those who own and operate the world's supply chains. We’re an Engineer-led company, with a focus on building secure, scalable products. It goes without saying that...
-
Security Analyst
2 weeks ago
United Kingdom Mayflower Recruitment Ltd Full timeTo play a critical role in safeguarding our clients’ digital assets and infrastructure. To be responsible for assessments, monitoring, analysing, and responding to security incidents, ensuring that our clients' environments remain secure and compliant with industry standards and regulations. Key Responsibilities:- Monitor security events and...
-
Security Analyst
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Mayflower Recruitment Ltd Full timeTo play a critical role in safeguarding our clients’ digital assets and infrastructure. To be responsible for assessments, monitoring, analysing, and responding to security incidents, ensuring that our clients' environments remain secure and compliant with industry standards and regulations. Key Responsibilities:- Monitor security events and...
-
Security Analyst
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Talent Full timeIT Security Analyst Permanent - full time Bolton - hybrid working Talent are partnered with a business advisory firm who are looking for a skilled IT Security Analyst who will play a vital role in safeguarding their digital assets. Reporting directly into Head of IT, you would be responsible for monitoring and responding to security incidents. What will...
-
Security Analyst
1 week ago
United Kingdom Talent Full timeIT Security Analyst Permanent - full time Bolton - hybrid working Talent are partnered with a business advisory firm who are looking for a skilled IT Security Analyst who will play a vital role in safeguarding their digital assets. Reporting directly into Head of IT, you would be responsible for monitoring and responding to security incidents. What will...
-
Incident Response Consulant
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Barclay Simpson Full timeI’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities will be as follows: Work closely with...
-
Incident Response Consulant
2 weeks ago
United Kingdom Barclay Simpson Full timeI’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities will be as follows: Work closely with...
-
Cyber Security Analyst
2 weeks ago
United Kingdom Redefined Ltd Full timeAs a Cyber Security Analyst, we are looking for someone to: Act as first responder to security alerts. Perform regular threat hunting across the organisation. Continually develop, tune and refine SIEM alerts and user, endpoint and network behavioural models to improve threat detection. Create and maintain security dashboards, reports and metrics. ...
-
Cyber Incident Manager
Found in: Jooble UK C2 - 2 weeks ago
United Kingdom Integrity360 Full timeLocation: Remote with travel to client/office site, UK Notes: You must be located in the UK and hold valid right to work. No sponsorship offered. Must be willing to undergo BPSS check. About Us Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range...
-
Cyber Incident Manager
2 weeks ago
United Kingdom Integrity360 Full timeLocation: Remote with travel to client/office site, UK Notes: You must be located in the UK and hold valid right to work. No sponsorship offered. Must be willing to undergo BPSS check. About Us Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range...
-
Cyber Security Monitoring Analyst
2 weeks ago
United Kingdom Redefined Ltd Full timeAs a Cyber Security Analyst, we are looking for someone to: Act as first responder to security alerts. Perform regular threat hunting across the organisation. Continually develop, tune and refine SIEM alerts and user, endpoint and network behavioural models to improve threat detection. Create and maintain security dashboards, reports and metrics. ...