Senior Security Operations Analyst

What We Do

At Coda, we break down barriers between publishers and their audiences by thinking outside of the app. Coda is trusted by 300+ top digital content publishers  – including industry giants Activision Blizzard, Bigo, Electronic Arts, Riot Games, and Zynga – to grow revenue, profit margins, and customer engagement in 60+ markets with ease. For publishers, this means less lift, more players and more payers. For players, Coda’s solutions allow them to pay for play their way.

Our winning formula? A laser-focused, pragmatic attitude coupled with an unwavering commitment to excellence. We are customer-centric, creative, and solution-oriented, always delivering to our users the top-tier entertainment content they want at competitive prices.

If you’re ambitious, bold and ready to take your career to the next level, get in touch! Responsibilities

• Effectively use Security Information and Event Management (SIEM) to detect and investigate security incidents/alerts for vulnerabilities exploits, denial of service (DoS) attacks, malware attacks, network intrusions, authorization/authentication attempts, and other forms of data breaches
• Perform security review of applications, infrastructure, system, email, middleware, network, database logs, rules, or security settings to identify suspicious or abnormal activities
• Document and maintain comprehensive records of security incidents, including detailed analysis of incident timelines, impact assessments, and remediation actions taken
• Conduct real-time security investigations to initiate triage, containment, and remediation of security threats and other malicious activity
• Build and formalize a cyber threat intelligence framework to consist of TTPs, indicators of compromise, methodology, and classifications of strategic, tactical, and operational.
• Building and designing security incident playbooks and operating procedures, including providing communications with other teams, evidence collection, and other documentation
• Be able to maintain and build new data ingestion pipelines for the in-house SIEM.
• Kept informed of the evolving security threat landscape, including detailed technical knowledge about the most prevalent threat groups, malware, attack methods, and vulnerabilities.

Requirements

• At least 8 years of experience in security operations, with 3-4 years of AWS cloud experience.
• In-depth knowledge of SIEM including setting up data ingestion models and pipelines.
• ElasticSearch experience is considered as an advantage.
• Familiarity with MITRE, NIST CSF frameworks.
• Deep understanding of packet analysis, HTTP/S traffic analysis
• Knowledge in scripting languages such as Python, Go.
• GCIA, GCIH, GCFA, GREM, GNFA, GCTI certification is a plus
• Excellent communication skills.