Security Incident Response Analyst
Remote - Americas
- Support
About Shopify
Opportunity is not evenly distributed. Shopify puts independence within reach for anyone with a dream to start a business. We propel entrepreneurs and enterprises to scale the heights of their potential. Since 2006, we’ve grown to over 8,300 employees and generated over $1 trillion in sales for millions of merchants in 175 countries.
This is life-defining work that directly impacts people’s lives as much as it transforms your own. This is putting the power of the few in the hands of the many, is a future with more voices rather than fewer, and is creating more choices instead of an elite option.
About you
Moving at our pace brings a lot of change, complexity, and ambiguity—and a little bit of chaos. Shopifolk thrive on that and are comfortable being uncomfortable. That means Shopify is not the right place for everyone.
- Care deeply about what you do and about making commerce better for everyone
- Excel by seeking professional and personal hypergrowth
- Keep up with an unrelenting pace (the week, not the quarter)
- Be resilient and resourceful in the face of ambiguity and thrive on (rather than endure) change
- Bring critical thought and opinion
- Embrace differences and disagreement to get shit done and move forward
- Work digital-first for your daily work
About the role
We’re looking for curious and detail-oriented cyber security professionals to join Shopify as Security Incident Response Analysts.
As a Security Incident Response Analyst, you will leverage your expertise in data analytics, infrastructure and application security, and identity management to analyze security alerts and respond to incidents that could ultimately lower the trust merchants place in Shopify.
You will own an issue from start to finish and will bring all the pieces together through your persistence to leave no stone unturned. There is a huge investigative component to this role, where you will have daily opportunities to apply your skills and experience as an analyst to navigate vast amounts of data and to find that needle in the haystack that will be the key to resolving the security issue.
Responsibilities
- Analyze and respond to security alerts with the goal of risk reduction.
- Implement new alerts using the tooling we have in place.
- Collaborate with other security and engineering teams to remediate security findings.
- Lead the response efforts to security incidents as part of an on-call schedule, collaborating with colleagues all across Shopify.
- Lead root cause analysis (RCA) sessions.
- Participate in and help define security table-top exercises.
- Continuously refine the knowledge base through documentation and build new documents in a way that scales with the team’s growth.
- Work with your lead in identifying trends and patterns in our security landscape and recommending improvements to help reduce security risks across our platform.
It would be great if you had experience in one or more of the following (don’t stress, we are not expecting experience in all of the following!):
- Understanding of information security fundamentals.
- Knowledge of security issues affecting web applications and infrastructure.
- Comfortable running and debugging scripts to automate manual work and reduce toil (e.g. Python, Ruby, bash).
- Experience working with logging and data analysis tools (e.g. SIEM, SOAR; SIGMA, Yara; SQL, Splunk, KQL).
- Familiarity with IAM systems and their audit logs (e.g. Okta, PingOne, Microsoft Entra).
- Familiarity with cloud environments and their security logs (e.g. GCP, AWS, Azure).
- Excellent written and verbal communication skills, with experience in distilling technical data into actionable intelligence for a varied audience.
- Experience troubleshooting problems with little up-front information (finding the needle in the haystack).
- Researching and using data analysis to identify security threats.
- Awareness of GitHub and continuous integration practices.
- Comfortable using AI/LLM tools to get the job done quickly and efficiently.