Software Engineer - SOC
Monitor dan tangani insiden keamanan untuk sistem terdistribusi
Sebagai Software Engineer - SOC di Poshmark, Anda akan memantau, menganalisis, dan menanggapi insiden keamanan di seluruh sistem terdistribusi. Tugas Anda termasuk mengidentifikasi perilaku anomali, melakukan investigasi mendalam, dan merancang otomatisasi untuk meningkatkan efisiensi deteksi dan respons. Anda akan bekerja sama dengan tim SRE, DevOps, dan IT untuk memperbaiki kerentanan dan meningkatkan keamanan serta reliabilitas sistem.
Kenapa Menarik?
Bekerja di Poshmark yang memiliki komunitas 165 juta anggota dan berkontribusi pada pengalaman berbelanja yang menyenangkan dan personal.
Tanggung Jawab Utama
- Memantau, menganalisis, dan menanggapi peristiwa keamanan dan peringatan di seluruh sistem terdistribusi
- Melakukan investigasi mendalam, konten, penghapusan, dan pemulihan insiden dengan fokus pada proses yang dapat diulang dan dapat diskalakan
- Merancang, membangun, dan memelihara kerangka otomatisasi untuk meningkatkan efisiensi deteksi dan respons
- Membuat dan terus memperbaiki logika deteksi menggunakan praktik terbaik dalam pengembangan
- Membuat dan terus memperbaiki buku petunjuk respons insiden sebagai alur kerja yang modular, dapat digunakan kembali, dan programatik
- Meningkatkan sistem peringatan untuk mengurangi kebisingan dan false positives melalui analisis data dan perbaikan algoritma
Persyaratan
- Kemampuan dalam menulis kode yang bersih, mudah dipelihara, dan efisien
- Pengalaman dalam bekerja dengan tim SRE, DevOps, dan IT
Skills Wajib
Keywords
Lihat Deskripsi Asli dari Ashby Job Boards
Deskripsi asli dari Ashby Job Boards
ABOUT POSHMARK Poshmark is the leading fashion marketplace where style comes alive through discovery, self-expression, and human connection. Powered by a vibrant community of 165 million members, Poshmark brings real people and taste to shopping through a social experience shaped by shared discovery. Buying and selling fashion feels simple, joyful, and personal, while every item tells its own story. Poshmark empowers sellers to grow meaningful businesses, keeps fashion in circulation longer, and gives shoppers access to unique and trusted finds, from everyday pieces to one-of-a-kind vintage and luxury. RESPONSIBILITIES - Monitor, analyze, and triage security events and alerts across distributed systems to identify potential incidents and anomalous behavior - Lead end-to-end incident response, including investigation, containment, eradication, and recovery, with an emphasis on scalable and repeatable processes - Perform deep-dive root cause analysis of sophisticated attacks spanning infrastructure, network, and application layers, including code-level vulnerabilities - Design, build, and maintain automation frameworks to improve detection and response efficiency (e.g., auto-remediation, alert enrichment pipelines) - Develop and maintain detection logic (rules, queries, behavioral analytics) using engineering best practices such as version control, testing, and CI/CD - Create and continuously improve incident response playbooks as modular, reusable, and programmatic workflows - Fine-tune alerting systems to reduce noise and false positives through data analysis, feedback loops, and algorithmic improvements - Collaborate closely with SRE, DevOps, IT and engineering teams to remediate vulnerabilities and improve system security and reliability - Engineer and enhance SIEM capabilities, including log ingestion pipelines, normalization, correlation rules, and integrations - Implement and scale security monitoring solutions across cloud-native and distributed environments - Conduct proactive threat hunting using data-driven and hypothesis-based approaches - Enrich and correlate telemetry using IOCs, threat intelligence feeds, and custom-built data pipelines - Contribute to SOC tooling and internal platforms by writing clean, maintainable, and efficient code - Participate in architecture and design discussions to embed security into systems from the ground up - Drive and contribute to broader security engineering and SOC modernization projects MINIMUM QUALIFICATIONS - 2–4 years of experience in information security, security engineering, or a related field - Hands-on experience with SIEM platforms, EDR tools, IDS/IPS, firewalls, and vulnerability management systems - Experience with incident response and security investigations - Strong understanding of cloud environments (AWS, GCP, or Azure) and associated security considerations - Proficiency in at least one programming or scripting language (e.g., Python, Bash, or Go) with the ability to build automation and tooling - Familiarity with software engineering fundamentals (data structures, APIs, version control, testing) PREFERRED QUALIFICATIONS - Experience in Incident Response, Malware Analysis, and Threat Hunting - Background in SOC, or SecDevOps practices - Experience building or maintaining internal security tools or platforms - Knowledge of distributed systems and observability (logging, metrics, tracing) - Familiarity with CI/CD pipelines and infrastructure-as-code (e.g., Terraform) - Relevant certifications (e.g., GCIA or similar) 6-MONTH ACCOMPLISHMENTS - Independently handle full incident response lifecycle with a focus on improving repeatability through automation - Build or enhance at least one automation workflow (e.g., alert enrichment, triage pipeline, or response action) that reduces manual effort - Develop high-fidelity detections with low false-positive rates using structured testing and validation approaches - Author and maintain programmatic incident response playbooks integrated with SOC tooling - Demonstrate strong understanding of the evolving threat landscape and apply insights to detection engineering - Contribute code or improvements to internal SOC tools, repositories, or automation frameworks 12+ MONTH ACCOMPLISHMENTS - Significantly reduce Mean-Time-to-Detect (MTTD) and Mean-Time-to-Respond (MTTR) through scalable engineering solutions and automation - Establish and maintain a robust detection engineering lifecycle (design, test, deploy, measure, iterate) - Improve overall security operations posture through continuous system-level and architectural enhancements - Lead or contribute to major security engineering projects that strengthen monitoring, detection, and response capabilities - Build reusable frameworks, libraries, or services that elevate SOC efficiency and engineering maturity - Act as a bridge between Security and Engineering teams, promoting secure-by-design principles across the organization
Data & laporan pasar
Riset gaji & permintaan skill dari data lowongan kami sendiri.
- Lowongan IT Indonesia vs Remote Global (2026)Analisis data primer 2.049 lowongan: metodologi, klasifikasi, dataset bisa diunduh.
- Permintaan Skill AI: Indonesia vs Global (2026)10.000+ lowongan, classifier taxonomy-first, Wilson CI, pra-registrasi sebelum analisis.
- Laporan Hiring Indonesia: Tech vs Non-TechPermintaan lowongan per bidang dari hitungan agregat — bukan listing per-listing.
- Benchmark Gaji IndonesiaKisaran gaji agregat lintas peran, dengan metodologi dan dataset terbuka.
- Laporan Pasar Remote per PeranLaporan otomatis per kelompok peran — skill, senioritas, perusahaan, gaji.
