Cloud Security Operations Analyst

Meet Upside:

We created Upside to help communities thrive! Our retail technology uses the sophistication of online retail—profit measurement, attribution, and incrementality—to provide users with more value on their everyday purchases and brick and mortar businesses with new, profitable customers. We’ve helped millions of users earn 2 to 3 times more cash back than any other product, and tens of thousands of brick and mortar businesses earn measurable profit. Billions of dollars in commerce runs through the Upside platform every year, and that value goes directly back to our local retailers, the consumers they serve, and towards important sustainability initiatives. Our mission, values, and commitment to inclusivity guide our team of more than 200 people worldwide, and the quality of our culture is reflected in the impact we’ve had on communities nationwide.

Meet the Information Security Team:

The Upside Information Security team is a small and tight-knit group which has successfully implemented sophisticated security standards across the company. We anticipate growth for the company and that means growth for us! We believe partnership and teamwork are the best path to build awareness and scale security concerns across the entire organization.

What you'll do:

• Investigate security incidents (tier-2/ 3 after MSSP implementation)
• Day-to-day operation and health measurement of key security services such as vulnerability & configuration management (devices, traditional infrastructure, IaC, and code), cloud security, change management, Data Leakage Prevention (DLP), email security and malware prevention
• Create workflows and integrations to automate vulnerability / configuration management as much as possible
• Collaborate with system owners and engineers for resolution of critical vulnerabilities/ standard deviations
• Inform Security Engineering for complex issues
• Connect the dots to risk management when risk acceptance is needed for outstanding vulnerabilities and misconfigurations
• Assist in maintenance and reporting of security program metrics
• Provide recommendations on how to avoid future incidents & improve security controls
• Lead trainings for end users
• Support systems updates

What you need:

• 5+ years of InfoSec experience inclusive of AWS cloud security
• Bachelor’s degree in Cybersecurity, Computer Science, IT or related
• Coding experience in Python and Java highly preferred
• A collaborative approach and flexible mentality

 Our Technology Stack:

• Terraform
• Python for Automation 
• Kubernetes clusters in AWS EKS
• Java microservices using 12-factor principles
• AWS Lambdas written in Java and Python 3 
• Message Oriented Architecture
• Jenkins and Github Action CI/CD pipeline 
• AWS Services managed through Terraform (RDS), DynamoDB, S3, Athena, SNS, SQS, IAM, VPCs, Elasticache)
• Snowflake
• Github

The fine print:

• Notice to recruiters and placement agencies: This is an in-house search with a dedicated resource. Please do not submit resumes to any person or email address at Upside. Upside is not liable for, and will not pay, placement fees for candidates submitted by any party or agency other than its approved recruitment partners.

At Upside, we believe that diversity drives innovation. Our differences are what make us stronger. We‘re passionate about building a workplace that represents a variety of backgrounds, skills, and perspectives and does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Everyone is welcome here. Come join us!