Incident Response Analyst
As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 330+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.
Locations
In this role you can work from Remote, United States
Overview
GitHub is changing the way the world builds software, and we want you to help change the way we secure GitHub. We are looking for an Incident Response Analyst with software development and/or product security experience to join our remotely distributed PSIRT focused on responding to security vulnerabilities and threats against the full suite of GitHub products.
Are you an exceptional problem solver that thrives in high pressure environments? Do you bring a beginner’s mindset and a passion for learning to everything you do? Would your friends and colleagues describe you as an exceptionally empathetic communicator? Are you interested in keeping up with emerging threats and trends in security? If so, you might be a great fit for our team!
As an Incident Response Analyst, you will work alongside other members of the GitHub Security, Engineering, Legal, Public Relations, and Support teams to coordinate incident response across our platform. You will investigate anomalous activity, coordinate technical response and incident communications, and work to turn security incidents into opportunities to better secure GitHub and the internet at large through comprehensive incident retrospectives. You will ideate and implement improvements to our tooling and our processes. A successful applicant will have a desire to work collaboratively to drive diverse incident response teams consisting of technical and non-technical personnel and partner closely with cross-functional business units and application security professionals.
Responsibilities
- Coordinate incident response activities across complex and varied environments
- Triage: Take in reports and assess impact, risk, and priority
- Mitigation: Identify and work with engineering service owners to quickly address active vulnerabilities
- Scoping: Analyze the impact of product vulnerabilities and search for evidence of compromise using KQL, Splunk, and code search
- Notification: Coordinate with Legal, Public Relations, and Customer Support to craft timely communications to our customers to transparently provide guidance and awareness of security events
- Post-mortem: Maintain detailed documentation of security incidents including timelines, findings, and remediation steps; track post-incident repair items for hardening GitHub’s security posture
- Participate in a 24x7x365 first responder rotation to triage incoming reports
- Partner with product security and engineering teams to evaluate application security issues and drive long-term risk reduction through incident remediation
- Participate in development and execution of initiatives to improve and mature the PSIRT program including process updates, automations, and relationship building
- Work with stakeholders throughout security and engineering to develop and improve GitHub's Security Development Lifecycle
Required Qualifications:
- 2+ years experience working in software development and familiarity with CI/CD environments, git and GitHub, Third-party package management OR a Bachelor's degree in Computer Science, Information Security, or related field
- General experience in common security vulnerabilities, attack vectors, forensic log analysis in Splunk, relational databases or structured query languages disciplines with deep experience in one or more
- Experience collaborating with multiple groups such as internal business or engineering units, customers, and/or vendors to drive results
- Excellent communication and documentation skills, with the ability to convey complex technical concepts to both technical and non-technical audiences
- Curiosity and a passion for learning, with a commitment to staying current on emerging security threats and trends
- Exceptional problem-solving skills, with a demonstrated ability to thrive in high-pressure situations and create structure from chaos
- Experience writing external facing communications
- Experience in Ruby, Python, Bash, or Powershell
- Experience assessing large scale production web applications
- Experience working with distributed teams
- Experience on a PSIRT or application security team
The base salary range for this job is USD $90,700.00 - USD $240,500.00 /Yr.
These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.
GitHub values
- Customer-obsessed
- Ship to learn
- Growth mindset
- Own the outcome
- Better together
- Diverse and inclusive
- Model
- Coach
- Care
- Create clarity
- Generate energy
- Deliver success
GitHub is the world’s leading AI-powered developer platform with 100 million developers and counting. We’re also home to the biggest open-source community on earth (and 99% of the world’s software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub.
Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
Join us, and let’s change the world, together.
EEO Statement
GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!
-
Seniority level
Not Applicable -
Employment type
Full-time -
Job function
Management and Manufacturing -
Industries
Software Development
Referrals increase your chances of interviewing at GitHub by 2x
See who you knowGet notified about new Incident Analyst jobs in United States.
Sign in to create job alertSimilar Searches
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub