Senior Security Detections Engineer
Gong transforms revenue organizations by harnessing customer interactions to increase business efficiency, improve decision-making and accelerate revenue growth. The Revenue Intelligence Platform uses proprietary artificial intelligence technology to enable teams to capture, understand and act on all customer interactions in a single, integrated platform. More than 4,000 companies around the world rely on Gong to support their go-to-market strategies and grow revenue efficiently. For more information, visit www.gong.io.
As a member of security operations, you’ll play a key role in ensuring trust and security are core to day-to-day operations. This will be a hands-on position as we mature our security team, and you will be responsible for improving and automating our security operations practices.
This is a blended role unique to Gong's threat landscape which encompasses not just the technology stack but also the broader team responsibilities. This role will be responsible for advancing the security program in multiple areas within security operations including: data engineering, automation, hunting, and managing the detection lifecycle. The ideal candidate will have a strong background in scripting and automation, as well as experience in developing custom content within SQL products such as Snowflake to support our data analytics and reporting needs.
RESPONSIBILITIES
- Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against Gong’s enterprise environment
- Develop new detection logic and tune existing sensors/security controls.
- Actively research cybersecurity exploits, vulnerabilities, techniques, and tactics
- Analyze and tune logs, events, and SIEM alerts, identifying trends and patterns that may require early action
- Perform incident response investigation from escalated events on various workloads / systems
- Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
- Coordinate security investigations, endpoint containment, and other response activities with business stakeholders and support teams.
- Work with security solution owners to assess the ability of the existing array of security solutions to detect and mitigate IOCs and TTPs.
- Responsible for deploying and supporting tools to collect and correlate security telemetry.
- Leverage automation & APIs where possible in support of SecOps, IR and the security program. (As needed)
- Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material.
- Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
- Generate reports for both technical and non-technical staff and stakeholders
- Assist with internal and external audits relating to information security
- Comply with HIPAA and SOC-II, Diversity Principles, Corporate Integrity, Compliance Program policies, and other applicable corporate and departmental policies.
QUALIFICATIONS
- 7+ years of security operations experience
- Experience with detection engineering, threat hunting and incident response in a cloud environment
- Experience developing security automation with Python, AWS, and workflow automation tools
- In-depth knowledge of SIEM (Security Information and Event Management) and data lakes such as Snowflake
- Experience in developing custom content within Snowflake, including stored procedures, user-defined functions, and complex SQL queries against large datasets of endpoint and network telemetry
- Building custom threat detection tooling and frameworks
- AWS experience including GuardDuty, S3 Storage, CloudTrail, etc.
- Experience with Google Cloud Platform
- Familiarity with attack frameworks and mitigation
- Relevant security certifications such as GCDA and GMON are a plus
- Research, build, and maintain detections for the latest threats identified through SIEM correlations, active/past incidents & threat intelligence sources
- Ability to collect and audit logging capabilities of internal services, SaaS systems, and work with engineering teams in improving log visibility for Security Operations engineers
- Experience building data ingestion pipelines for large (GB/TB) unstructured data volumes
- Familiarity with data normalization, cleansing and sanitation lifecycle
- Experience dissecting an attacker's techniques & methodologies and translating them into custom detections is a plus
PERKS & BENEFITS
- We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs.
- Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
- Mental Health benefits with covered therapy and coaching.
- 401(k) program to help you invest in your future.
- Education & learning stipend for personal growth and development.
- Flexible vacation time to promote a healthy work-life blend.
- Paid parental leave to support you and your family.
- Company-wide recharge days each quarter.
- Work from home stipend to help you succeed in a remote environment.
The annual salary hiring range for this position is $153,000 - $180,000 USD.
Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.
We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.
We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.
Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.
To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.