Jobs
>
London

    Incident Response Analyst, Product Security - United Kingdom - GitHub, Inc.

    GitHub, Inc.
    GitHub, Inc. United Kingdom

    2 weeks ago

    Default job background
    Description

    About GitHub

    As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 330+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.

    Locations In this role you can work from Remote, United Kingdom

    Overview

    GitHub is changing the way the world builds software, and we want you to help change the way we secure GitHub. We are looking for an Incident Response Analyst with software development and/or product security experience to join our remotely distributed PSIRT focused on responding to security vulnerabilities and threats against the full suite of GitHub products.

    Are you an exceptional problem solver that thrives in high pressure environments? Do you bring a beginner's mindset and a passion for learning to everything you do? Would your friends and colleagues describe you as an exceptionally empathetic communicator? Are you interested in keeping up with emerging threats and trends in security? If so, you might be a great fit for our team

    As an Incident Response Analyst, you will work alongside other members of the GitHub Security, Engineering, Legal, Public Relations, and Support teams to coordinate incident response across our platform. You will investigate anomalous activity, coordinate technical response and incident communications, and work to turn security incidents into opportunities to better secure GitHub and the internet at large through comprehensive incident retrospectives. You will ideate and implement improvements to our tooling and our processes. A successful applicant will have a desire to work collaboratively to drive diverse incident response teams consisting of technical and non-technical personnel and partner closely with cross-functional business units and application security professionals.

    Responsibilities
    • Coordinate incident response activities across complex and varied environments
      • Triage: Take in reports and assess impact, risk, and priority
      • Mitigation: Identify and work with engineering service owners to quickly address active vulnerabilities
      • Scoping: Analyze the impact of product vulnerabilities and search for evidence of compromise using KQL, Splunk, and code search
      • Notification: Coordinate with Legal, Public Relations, and Customer Support to craft timely communications to our customers to transparently provide guidance and awareness of security events
      • Post-mortem: Maintain detailed documentation of security incidents including timelines, findings, and remediation steps; track post-incident repair items for hardening GitHub's security posture
    • Participate in a 24x7x365 first responder rotation to triage incoming reports
    • Partner with product security and engineering teams to evaluate application security issues and drive long-term risk reduction through incident remediation
    • Participate in development and execution of initiatives to improve and mature the PSIRT program including process updates, automations, and relationship building
    • Work with stakeholders throughout security and engineering to develop and improve GitHub's Security Development Lifecycle
    Qualifications

    Required Qualifications:

    • Some years experience working in software development and familiarity with CI/CD environments, git and GitHub, Third-party package management OR a Bachelor's degree in Computer Science, Information Security, or related field
    • Experience in common security vulnerabilities, attack vectors, forensic log analysis in Splunk, relational databases or structured query languages disciplines with deep experience in one or more
    • Experience collaborating with multiple groups such as internal business or engineering units, customers, and/or vendors to drive results
    • Excellent communication and documentation skills, with the ability to convey complex technical concepts to both technical and non-technical audiences

    Preferred Qualifications:

    • Curiosity and a passion for learning, with a commitment to staying current on emerging security threats and trends
    • Exceptional problem-solving skills, with a demonstrated ability to thrive in high-pressure situations and create structure from chaos
    • Experience writing external facing communications
    • Experience in Ruby, Python, Bash, or Powershell
    • Experience assessing large scale production web applications
    • Experience working with distributed teams
    • Experience on a PSIRT or application security team

    GitHub values

    • Customer-obsessed
    • Ship to learn
    • Growth mindset
    • Own the outcome
    • Better together
    • Diverse and inclusive

    Manager fundamentals

    • Model
    • Coach
    • Care

    Leadership principles

    • Create clarity
    • Generate energy
    • Deliver success
    Who We Are GitHub is the world's leading AI-powered developer platform with 100 million developers and counting. We're also home to the biggest open-source community on earth (and 99% of the world's software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub.
    Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond).
    At GitHub, our goal is to create the space you need to do your best work. We're remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
    Join us, and let's change the world, together.
    #J-18808-Ljbffr
  • SITA

    Product Security Officer

    3 weeks ago

    SITA London, United Kingdom

    **Overview**: · **Product Security Officer*** · - As · - **Product Security Officer**, you will have opportunities to take risks, challenge the status quo and shape the future for the greater good. You will be accountable for supporting the SITA product management community in en ...

  • JPMorgan Chase Bank, N.A.

    Product Security Lead

    3 weeks ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    JPMorgan Chase & Co. has expanded its consumer business and we have launched a new digital retail bank in the UK. We are offering consumers a completely new banking experience. Under the Chase brand, the bank provides products and features tailored to meet the needs of customers ...

  • Pinkerton

    Product Security Lead

    2 weeks ago

    Pinkerton London, United Kingdom

    We are as invested in your career as you are. · As you navigate through these uncertain times, know that Pinkerton has been a stable, thriving corporation for over 170 years. As recognized leaders around the globe in the corporate risk management industry, you can rest assured th ...

  • INTERIM PROFESSIONALS LIMITED

    Security Cleared Productivity

    2 weeks ago

    INTERIM PROFESSIONALS LIMITED London, United Kingdom

    My client is a Central Government Department engaging in an ambitious Change Programme to release an impressive target of efficiencies through better ways of working. Importantly, the programme of work does not have a primary target of cost savings but moreoverto improve process, ...

  • Sevier security management

    Film & Production Security

    2 weeks ago

    Sevier security management London, United Kingdom

    Full Job Description · A great opportunity to join a team working within the Film and Television industry. We're looking for smart and professional operatives, with both day and night shifts available. · You will be required to work within the major UK studios and on locations · ...

  • JPMorgan Chase Bank, N.A.

    Securities Services Product Control

    6 days ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    As part of the Trading Services and Capital team within Securities Services Product Control, you will partner with global and regional business heads as well as other functional teams, including Business Managers, Treasury, Financial Control, Operations, Technology to establish c ...

  • JPMorgan Chase Bank, N.A.

    Global Securities Services Product Control

    1 week ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    Trading Services & Capital Controllers partner with other JPMC functions, including Business Managers, Basel Measurement & Analytics (BM&A) within Global Operations, Product Team, LOB Product Controllers to establish control and governance best practices and accountability for th ...

  • JPMorgan Chase Bank, N.A.

    Securities Services, Complex Assets Product

    2 weeks ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    This is a unique opportunity to work in a cross-asset OTC derivatives environment with exposure to all types of derivatives from vanilla to complex products. Individuals will be given the opportunity to learn new skills or build upon existing knowledge within all aspect of valuat ...

  • Citi

    Global Securities Financing Product Head, Md

    1 week ago

    Citi London, United Kingdom

    **Purpose**: · Execution Services represents the markets related businesses within Securities Services and currently comprises of Securities Financing (Agency Securities Lending & Collateral Management Services) & Foreign Exchange. · The Global Securities Financing Product Head, ...

  • JPMorgan Chase Bank, N.A.

    Cib Securities Services Product Operating Model

    6 days ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    Guiding the team and organization on how to use Agile/Scrum practices and values to achieve the objectives set. · - Assessing the Maturity of the team and organization and coaching the team to higher levels of maturity, at a pace that is sustainable and comfortable for the team a ...

  • Chase

    Product Security Lead

    1 week ago

    Chase London, United Kingdom Permanent

    Job Identification · Job Category Cybersecurity · Business Unit Corporate Sector · Posting Date 05/03/2024, 10:17 · Locations LONDON, LONDON, United Kingdom · Job Schedule Full time · Job Shift Day · JOB DESCRIPTION · Product Security Lead · This is an excellent opportuni ...

  • Chase

    Product Security Engineer

    1 week ago

    Chase London, United Kingdom Permanent

    Job Identification · Job Category Security Engineering · Business Unit Corporate Sector · Posting Date 22/03/2024, 12:10 · Locations 25 Bank Street, Canary Wharf, London, Greater London, E14 5JP, GB · Job Schedule Full time · Job Shift Day · JOB DESCRIPTION · Product Secur ...

  • Chase

    Product Security Engineer

    1 week ago

    Chase London, United Kingdom Permanent

    Job Identification · Job CategorySecurity Engineering · Business UnitCorporate Sector · Posting Date03/22/2024, 12:10 PM · Locations 25 Bank Street, Canary Wharf, London, Greater London, E14 5JP, GB · Job ScheduleFull time · Job ShiftDay · JOB DESCRIPTION Product Security Enginee ...

  • BAE Systems

    Cyber Security/product Security Opportunities

    1 week ago

    BAE Systems Frimley, United Kingdom

    **Frimley** · **Submarines** · **Engineering** · **Experienced professionals** · Cyber Security Engineer/Consultant (Product Security) Opportunities · Location: Frimley, Bristol, Weymouth, Portsmouth, Barrow and Brough. · We offer a range of hybrid and flexible working arrangemen ...

  • BAE Systems (New)

    Product Security Engineer

    2 weeks ago

    BAE Systems (New) United Kingdom

    Job Title Graduate Submarines Product Security Engineer · BAE Systems do offer a range of hybrid and flexible working arrangements, however it is expected on our Graduate Programme you will be required to attend your site approximately3-4 days per week. The hybrid working arrang ...

  • Noa Recruitment Ltd

    Product Security Engineer

    5 days ago

    Noa Recruitment Ltd London, United Kingdom £90,000

    Product Security Architect · Product Security Architect Remote UK - £90000 · We are helping an innovative tech business scale their cloud software team. · Due to continued growth and demand for their products theynow urgently need a Product Security Architect to join them ASA ...

  • Databricks Inc.

    Product Security Engineer

    3 weeks ago

    Databricks Inc. United Kingdom

    The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the ...

  • Nomadgao

    Product Security Engineer

    2 weeks ago

    Nomadgao United Kingdom

    Mar 24, Databricks is hiring a remote Sr. Product Security Engineer. The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likeliho ...

  • BAE Systems (Powersource)

    Product Security Engineer

    23 hours ago

    BAE Systems (Powersource) England, United Kingdom £45,326 - £52,426

    Job title: Product Security Engineer · Location: Warton.We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. · Salary: £45,326 - £52,426 dependent on skills and experience · What you'll be ...

  • BAE Systems

    Product Security Engineer

    2 weeks ago

    BAE Systems United Kingdom

    Job title: Product Security Engineer · Location: Warton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £45,326 - £52,426 dependent on skills and experience What you'll be doing: A ...