Can you keep the data of 49 million global customers safe?

Are you an experienced Information Security engineer experience administering Security Information and Event Management (SIEM) applications? Do you have experience as an information security engineer with a demonstrable understanding of SIEM products and functionality?

This job will focus on enhancing visibility and creating intelligence based on Groupon’s global SIEM architecture. You will share responsibility to ensure the safety of Groupon’s information systems assets and to protect systems from unauthorized access and abuse.

This position will support the continued configuration, deployment, and management of Groupon’s SIEM solution across a global infrastructure. You will be tasked with implementing intelligent behavior-based monitoring rules, handling log sources & software updates, while also helping expand SIEM coverage and visibility.

You will also need to encompass systems and mechanisms used to for host-based intrusion detection and prevent systems. You will have knowledge of systems like OSSEC, and can design, install, configure, and integrate it with the SIEM infrastructure.

Though the initial project focus will be enhancement to our SIEM infrastructure, your responsibilities will expand into other technical information security projects and team responsibilities over time.

Does this sound like you?

• Excellent verbal, interpersonal, and written communication skills
• Excellent analytical, problem-solving and decision-making capabilities
• Can effectively work self-sufficiently across a geographically distributed team environment with integrity
• Is a results oriented, high energy person who takes pride in their work

Professional Skills & Responsibilities

• Act as the local subject matter expert and ambassador for Groupon’s SIEM solution to the rest of Groupon, including leadership
• Maintain SIEM operations, documentation and knowledge of the latest active security threats
• Assist in troubleshooting and problem solving a wide variety of client issues and issues affecting the security of Groupon’s computing resources
• Provide technical and operational security support to IT, Engineering, Legal, and business units
• Implement analytics-based rules to enhance and maintain visibility for the Information Security team across endpoint & network activity and audit logs
• Perform analyses against large data sets to identify potentially malicious behavior
• Perform technical security assessments against internal and external facing systems using open source and commercial tools
• Implement new security technologies as required to support a dynamic/challenging business environment
• Understand business needs, Engineering/IT capabilities, and security requirements to ensure a proper balance is maintained

Technical Expectations

• 8+ years software development experience
• 4+ years of experience administering SIEM technologies in global enterprise networks, administering Linux and Windows servers and information security experience, in a highly, technical hands-on environment
• Experience building, implementing and tuning SIEM event correlation rules, logic, and content in a large environment to filter out security events associated with known and well-established network behavior, known false positives and/or known errors
• Experience creating scheduled and ad-hoc reporting with SEIM tools
• Strong knowledge of networking and web related protocols (e.g., TCP, UDP, IPSEC, HTTP, HTTPS, network routing protocols), open-source command line utilities and scripting languages (Perl, Python, Bash), regulations (PCI, SOX 404, Safe Harbor), log management and SIEM solutions (e.g. Splunk, Nitro, Syslog-ng), and network security controls (Routers, Firewalls, Proxies, ACL’s, networking protocols)
• CISSP and/or CISA Certifications preferred
• Bachelor’s Degree or equivalent work experience
• Experience with computer forensics and investigations
• Vendor certification(s) in an enterprise SIEM product is a plus
• Experience with change control policy and procedures
• Experience with Amazon Web Services a plus

Groupon provides a global marketplace where people can buy just about anything, anywhere, anytime. We’re enabling real-time commerce across an expanding range of categories including local businesses, travel destinations, consumer products, and live or lively events. At the same time, we are providing advertising options and tools that merchants can use to grow and manage their businesses. Culturally, we believe that great people make great companies and that starting with the customer and working backward moves us forward. Community matters to us on an internal, local and global scale—it’s fundamental to our company’s growth and to the well-being of the world at large. We also value self-awareness, candor, lunch and WiFi. If we match with you, please apply to join us.