Security Analyst

About us

At Auctane, we are united by a passion to help businesses deliver — whatever their size, wherever they are, and however they operate. We make it possible for businesses to meet the ever-changing requirements of their industry and customer expectations. Auctane products enable hundreds of thousands of businesses to annually mail and ship billions of items — over $200 billion worth — to recipients around the globe.

The Auctane family of mailing and shipping software products includes ShipStation, Stamps.com, ShipStation API, Endicia, Metapack, GlobalPost, Packlink, and Return Rabbit. Our partners include Amazon, UPS, USPS, eBay, BigCommerce, Shopify, WooCommerce, and Walmart.

Our values

Win as One. Delight Customers. Deliver Great Outcomes. 

About the role

The mission of this role is to be a key contributor to the day to day operational InfoSec management. The role will be responsible for leading the detection and response of cyber security threats/incidents, as well as managing the vulnerability management process.

This role will play a key part in shaping the processes and ways of working to best ensure Auctane identifies and responds to threats and cyber attacks.

The role sits within the InfoSec team which is part of the larger R&D Tech function who work at scale, pace and with the latest architecture patterns and tech.  This entry-level role offers a great opportunity for individuals to build a career in cyber security.

This position is hybrid (3 days per week in office) and is located in Austin, Texas. 

Travel Requirements: Up to 10% travel required.

About the team

We have a flat and open engineering culture where data, & evidence beats opinion and hierarchy, backed by honest and frank discussions. We passionately believe in forming autonomous, cross functional teams who are empowered to deliver our ambitious strategy. 

What will you be doing?

• Working to review and enrich playbooks and see opportunities for automation efficiencies in our Security detection and response capabilities.
• Liaising with the Engineering teams on incident response, vulnerability management and remediation actions
• Responsible for providing technical expertise in the support of security incidents using a plethora of leading security tools, coupled with continuous learning and training
• Working with AWS & GCP Cloud-native security tooling such as GuardDuty, Security Hub,  GCP Security Command Center to ensure a level of protection & monitoring of threats in Auctane Public Cloud environments. 
• Following up on regular security reviews, vulnerability, risk assessments and audits utilising our CSMP tool Wiz and Endpoint vulnerability tool Crowdstrike.
• Building relationships with all staff to promote “Security by Design” throughout the Engineering Teams and wider business.
• Being part of the internal Infosec / cyber security incident process - investigate suspected attacks and help manage security incidents, including providing post-mortem analysis, identify causes, develop solutions and preventive measures
• Responding swiftly to new and emerging security threats and vulnerabilities, investigate suspected attacks and be an integral part of the Information security incident process
• Learning and training, to enhance knowledge of Security Orchestration and Automation.

What are we looking for?

• Previous experience working in an Incident Response style role
• 1+ year in a IT/Security Analyst role preferred but not required 
• Comfortable building scripts and tools to automate tasks
• Knowledge of cloud security practices (AWS, GCP)
• Awareness of MITRE ATT&CK framework in a Detect and Respond environment
• Entry level Experience of security tooling and technologies, including:
• EDR (Crowdstrike)
• Email Protection (email - Abnormal)
• Google Workspace
• Identify Providers (OKTA)
• GCP/AWS native security (Guard Duty, Security Hub)
• Technical knowledge of vulnerabilities, threats, attack methods and infection vectors with Cloud Environments.
• Cloud Security Posture Management (CSPM) tool.
• Involvement in the Scoping and coordination of 3rd Party Pen Test
• Able to balance the demands of delivering high quality and demanding timescales.
• Hold yourself accountable to delivering on your commitments.
• Have a can-do attitude and demonstrate a passion for new technology and learning.

What will make you stand out?

• Knowledge of vulnerabilities, threats, attack methods and infection vectors with SDLC
• Experience in using automation to solve problems (Tines.io)
• General development knowledge: 
• A desire to constantly challenge the norm

The Tech

• CrowdStrike
• Abnormal
• Palo Alto / Panorama
• Sumologic
• Google Workspace
• Okta
• Veracode
• Invicti

What do we offer?

• 🏠 We are a hybrid company. All team members at Auctane in Austin come into the office Tuesdays, Wednesdays and Thursdays.
• 🛬Take the reins of your time off with our Flex Time Off policy – because work-life balance should always be in your hands!
• 🌅 We offer 12 paid holidays for all of our US employees!
• 💰401k employer matching program – because your future deserves a friendly boost!
• ⭐️We conduct annual merit reviews to recognize and reward your hard work and achievements.
• 🏟️ Company events, we work hard, play hard! We do our best every day, even at our regular team-building events.
• 🏢 Attractive office space in the heart of central Austin, Texas (free drinks, snacks…).
• 🍽Indulge in weekly catered lunches at our office – a delicious perk to fuel your work.
• 🏐 Health and Wellness: The well-being of our team is super important to us. Choose from different options that include medical, dental, and vision plans. 
• 🏋🏾‍♀️Fitness center in the office with Tonal Mirrors, Pelotons, free weights, etc.
• 🧠Employee Assistance Program. We offer up to 8 free mental health sessions. 
• 💪🏽We offer gym discounts to help you stay fit and healthy!
• 📚We offer education reimbursement to all employees, ensuring that you can pursue your educational goals while excelling in your career with us. Invest in your future and let us support your growth every step of the way. 
• 🔗 Employee Referral Program! We reward employees helping us find top talent!
• 💜 An inclusive, casual and upbeat work environment. The personality and opinions of each of our team members are important and valid; we aim to offer all employees a safe environment where they can be themselves and thrive.

Additional Position Duties: (The following is a list of what all employees, except those with medical accommodation, may be regularly required to do.)

• Sit for prolonged periods of time
• Utilize wrist and hands for a prolonged period of time
• Walk short distances
• Stand for short periods
• Speaking and conversing with others
• Lift up to 25lbs without assistance up to chest height

Equal Opportunity Employer/Veterans/Disabled

If you are based in California, we encourage you to read this important information about the ShipStation Privacy Policy for California residents linked here.