Do you obsess over data loss? Do you lose sleep worrying about potential vulnerabilities in your network?

If so, our Information Security team is seeking an experienced Information Security engineer like you with experience in Data Loss Prevention (DLP) technologies within global-scale organizations.

The security engineer’s primary responsibilities will focus on the continued configuration, deployment, and management of Data Loss Prevention tools and other technical solutions across our global infrastructure. You will be tasked with implementing intelligent behavior-based Data Loss Prevention monitoring and detection rules while also helping expand coverage and visibility across Groupon’s business tools and processes. You will also be responsible for event correlation, create dashboards and intelligent reporting metrics, troubleshoot and remediate issues while working closely with technical and non-technical teams.

The responsibilities and requirements for this security engineering role will expand into other technical information security projects and team responsibilities over time to help ensure the safety of Groupon’s information systems assets and to protect systems from unauthorized access and abuse.

Does this sound like you?

• Excellent verbal, interpersonal, and written communication skills
• Excellent analytical, problem-solving and decision-making capabilities
• Can effectively work self-sufficiently across a geographically distributed team environment with integrity
• Is a results oriented, high energy person who takes pride in their work

Professional Skills & Responsibilities

• Act as a Subject Matter Expert (SME) for Data Loss Prevention (DLP) technologies
• Perform analyses against large data sets to identify PII or sensitive information while filtering out false positives and unnecessary noise
• Maintain operational health of DLP and information security team systems and technical documentation
• Assist in troubleshooting and problem solving a wide variety of issues
• Understand how to evaluate security threats and apply sound information security principles to effectively assess (potential) risk impact to business operations
• Be comfortable working within a geographically distributed team environment
• Experience with Incident Response processes and best practices
• Experience with change control policy and procedures
• Provide technical and operational security support to Information Technology & Engineering teams, as well as non-technical core business units
• Must possess strong written and verbal communication skills and be capable of understanding, documenting, communicating and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
• Must possess and demonstrate strong analytical, problem-solving and decision making capabilities
• Must be results-oriented and self-motivated
• Demonstrated integrity in a professional environment
• Work closely with internal leadership teams in a collaborative environment to ensure that security awareness and issues are communicated effectively
• Be an ambassador for the Information Security team to other business units

Technical Expectations

• 8+ years software development experience
• Possess a thorough and in-depth understanding of Data Loss Prevention (DLP) methodologies and best practices
• 4+ years experience administering, maintaining, and optimizing Data Loss Prevention (DLP) solutions (on-premise and/or cloud-based) across enterprise networks consisting of Windows, OSX, and Linux endpoints.
• Demonstrated ability to identify security events associated with known and expected network behavior, filter out known false positives and/or known errors
• Experience creating scheduled and ad-hoc reports within DLP, SIEM, and other enterprise security administration tools
• Experience using SIEM tools for log collection, analysis and correlation rules
• Linux & Windows server administration experience is a plus
• Experience implementing and securing SaaS-based solutions and platforms as well as a basic understanding SAML-based single-sign-on concepts
• Experience hardening and applying modern security standards across servers, workstations, SaaS-based solutions, and network equipment
• Strong knowledge of modern networking and web related protocols (e.g., TCP, UDP, IPSEC, HTTP response codes & methods, REST API basics, etc)
• Must have solid familiarity using open-source command line utilities
• Must possess solid understanding of cryptography basics (public/private keys, TLS certificates, PKI, etc)
• Experience with vulnerability management and penetration testing
• Experience administering enterprise endpoint and network security tools and platforms
• Demonstrated track record staying up to date with Information Security and threat intelligence knowledge across the security and tech communities.
• Knowledge and ability to leverage basic scripting languages such as Python, Bash, Node, Powershell, etc.
• Familiar with compliance regulations such as PCI, GDPR, SOX, and other regulations/standards.
• Vendor certification(s) in DLP and similar technical skill areas are a plus
• Bachelor’s Degree or equivalent work experience required
• CISSP and/or CISA Certifications are a plus

Groupon provides a global marketplace where people can buy just about anything, anywhere, anytime. We’re enabling real-time commerce across an expanding range of categories including local businesses, travel destinations, consumer products, and live or lively events. At the same time, we are providing advertising options and tools that merchants can use to grow and manage their businesses. Culturally, we believe that great people make great companies and that starting with the customer and working backward moves us forward. Community matters to us on an internal, local and global scale—it’s fundamental to our company’s growth and to the well-being of the world at large. We also value self-awareness, candor, lunch and WiFi. If we match with you, please apply to join us.