Weekend Forensics and Incident Response (FIRE) Operations Analyst

It takes powerful technology to connect our brands and partners with an audience of nearly 900 million. Whether you're looking to write mobile app code, engineer the servers behind our massive ad tech stacks, or develop algorithms to help us process trillions of data points a day, what you do here will have a huge impact on our business-and the world. Want in?
About our team:
When you impact millions of people every day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet.
We are the information security team at Yahoo; known as "The Paranoids".
As part of the Paranoids Forensics and Incident Response Operations Team (FIRE), we protect Yahoo and its users from dedicated adversaries, working on the front lines monitoring for, hunting for, and responding to threats, we ensure that our users and company are kept safe.
You are a highly motivated security analyst and will use Yahoo internal tools and other systems to detect and respond to security events. You are interested in protecting sensitive corporate and user data from unauthorized access at Internet scale and applying advanced technical, behavioral, and investigative solutions to find evil, ensuring that Yahoo data remains secure.
Shift: 7 AM EST to 7 PM EST Saturday - Monday
During your time here we will:

• Give you the opportunity to take ownership of key processes supporting the mission of finding evil
• Enable you to stop advanced attackers and protect our users
• Provide you with a positive work life balance
• Encourage you to follow the investigation through till the end
• Challenge you to push the bounds of our security program and your own talents

Responsibilities

• Monitor and analyze security events from networks, applications, hosts, and databases
• Perform proactive research and identification of security anomalies
• Work with the team to develop and deliver table-top exercises
• Participate in regular threat hunting exercises
• Assess security incidents and assist Yahoo business units to remediate issues
• Work with a variety of security technologies including IDS, firewalls, EDR, etc
• Contribute to the overall security posture of Yahoo
• Work to tune signatures and develop new use cases for finding badness
• Evaluate new log sources for security detection value and develop potential use cases
• Continue to focus on process improvement including developing playbooks
• Work on special projects as needed
• Participate in a 24x7 on call rotation

Requirements

• Background in security fundamentals including network and host forensics, log analysis, and basic malware triage
• A passion for the field of information security and incident response.
• Understanding of common network services (web, mail, FTP, etc), network vulnerabilities, and attack patterns
• Functional experience with Windows, Mac and Linux systems and services
• An ability to work independently and communicate via technology
• Excellent written and verbal communication skills along with the ability to communicate complex, technical information to both technical and non-technical audiences

Desired

• Experience with Splunk Security Information and Event Monitoring (SIEM) solution
• Experience in shell scripting, Python, or similar tool and automation languages

#LI-SO1
Yahoo is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. Yahoo is dedicated to providing an accessible environment for all candidates during the application process and for employees during their employment. If you need accessibility assistance and/or a reasonable accommodation due to a disability, please submit a request via the Accommodation Request Form ( www.yahooinc.com/careers/contact-us.html ) or call 408-336-1409. Requests and calls received for non-disability related issues, such as following up on an application, will not receive a response.
At Yahoo, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion ( www.yahooinc.com/diversity/ ) page to learn more.
US Only: Please be aware that Yahoo requires all employees entering a U.S. Yahoo office and/or attending a company event (including client events) are required to be vaccinated for COVID-19. This position will require the successful candidate to obtain and show proof of a vaccination to enter a U.S. Yahoo office and/or attending a company event (including client events). Yahoo is an equal opportunity employer, and will provide reasonable accommodation to those individuals who are unable to be vaccinated consistent with federal, state, and local law.
Currently work for Yahoo? Please apply on our internal career site.