Security Incident Response Analyst

SurveyMonkey is a global leader in online surveys and forms that empowers people with the insights they need to make decisions with speed and confidence. Our fast, intuitive feedback management platform connects millions of users worldwide with real-time AI-powered insights that drive meaningful decisions. We provide answers to more than 20 million questions every day so that people and organizations can attract new audiences, delight customers, create advocates, and extend their competitive advantage in the marketplace. Our vision is to raise the bar for human experiences by amplifying individual voices. Learn more at surveymonkey.com.

What we’re looking for

As an Incident Response Analyst, you will help respond to Security and Privacy incidents relevant to SurveyMonkey. This role reports to the Head of Security.

As an Incident response lead, you will be the focal point for triaging, coordinating, collaborating, and ensuring that the incident response process is adhered to. You will collaborate with various departments throughout these efforts and report to senior leadership with updates as needed.

What you’ll be working on

• Maintain and manage the incident response process for SurveyMonkey
• Design, implement & update processes, procedures, guidelines, and solutions pertinent to Incident Response
• Own the implementation & maintenance of any tools/technologies used for the incident response process, e.g Rootly, Sharepoint, Confluence, PagerDuty etc.
• Lead automation projects that enhance the Incident response process
• Design & execute Table top exercises to test the effectiveness of the IR process
• Incorporate feedback and learnings from Table tops into the existing process
• Design, implement & report on incident response metrics to both technical and executive staff
• Analyze incident trends, metrics and other process gaps and provide actionable insights.
• Develop incident playbooks and repeatable methods for managing and responding to security incidents
• Drive awareness and education across the organization around incident response processes
• Manage the on-call roster for Incident response function.
• Work closely with the various team e.g. Security Operations, Product, Engineering, Marketing, IT, Business Systems etc. to improve detection and response process
• Be a part of the security on-call schedule.
• Lead the efforts to respond, investigate, mitigate and resolve security incidents
• Assess the priority & criticality of the incidents and identify the best course of action
• Ensure the response protocols are adhered to during the lifecycle of the incident
• Work with different stakeholders, internal and 3rd party, throughout the lifecycle of the incidents and post incident for root cause fixes
• Send periodic communication updates as needed during the incident response lifecycle to both internal and external stakeholders
• Lead the post-incident retrospective with involved stakeholders
• Drive post-incident actions with respective teams to closure

We’d love to hear from people with

• Ability to work in a dynamic, on-call environment
• 5+ years of professional experience in cybersecurity and/or information security or demonstrated equivalent capability
• Hands-on experience working in security incident response, security project/program management
• In-depth experience in all facets of incident response
• Strong analytical, documentation, and communication skills
• Ability to successfully facilitate collaboration across multiple functions, departments, and levels
• Basic technological understanding of Security tools like SIEM, endpoint detection and response, application, cloud etc.
• Ability to communicate written and orally in English at the B2+ level

This opportunity is hybrid and requires you to work from the SurveyMonkey office in Heredia 3 days per week.

Please apply using an English version of your resume/CV.

#LI-Hybrid

Why SurveyMonkey? We’re glad you asked 

SurveyMonkey is a place where the curious come to grow.  We’re building an inclusive workplace where people of every background can excel no matter their time zone. At SurveyMonkey, we weave employee feedback and our core values into everything we do to create forward-looking benefits policies, employee programs, and an award-winning culture, including our annual holiday refresh, our annual week of service, learning and development opportunities like Curiosity Week, and our C.H.O.I.C.E Fund. 

Our commitment to an inclusive workplace

SurveyMonkey is an equal opportunity employer committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.