Bungie is searching for an experienced Security Analyst and Security Systems Administrator. You will be administering the security stack, investigating anomalous signals, triaging incidents, and improving our detection & prevention capabilities. Bungie's IT Administration team is a small group whose day-to day duties and challenges are varied, from supporting creative staff with high end applications to securing systems, network and technical infrastructure. Ideally, you have strong troubleshooting skills, a team oriented attitude, exceptional customer service skills, and an interest in expanding your technical breadth. As we often tread the cutting edge on new technology adoption, adaptability and a strong desire to research, investigate, and roll out new technologies is a must.
- Security Analysts are responsible for data management, analyzing events & alerts, identifying problems or areas potential concern, and developing recommendations that support Cybersecurity & InfoSec initiatives
- Collaborates with cross functional teams to collect, analyze data, presents results and provides recommendations
- Proactively research and identify network and system vulnerabilities providing recommended countermeasures or mitigating controls to reduce risk to an acceptable and manageable level
- Review results of vulnerability reports to help determine the severity of findings and ensure timely remediation
- Assist with assessing and mitigating risk associated with latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation, and Cloud security evaluations
- Assist with ongoing security research against various products and infrastructure, apply that knowledge to security testing
- Ability to perform the necessary threat research on enterprise systems/tools/technologies and convert that information into tooling that can be utilized both defensively & offensively
- Strong analytical skills and attention to detail
- Strong written and verbal communication skills with the ability to interact with technical teams and key client stakeholders
- Convey technical security concepts to technical and non-technical audiences
- Assist with the establishment of necessary policies and controls to secure the environment
- Knowledge of Windows, Linux, Unix, or any other major operating systems
- Solid understanding of threat, vulnerability, and risk models
- Experience in administration and operational support of NGAV & EDR solutions
- Foundational understanding of information technology and information security practices, including the areas of application security, policy development, security related research, physical security, systems integrity, and disaster recovery
- Experience with endpoint and system configuration hardening based on compliance requirements and best practices
- Strong foundational knowledge of network-based protocols such as TCP/IP, HTTP, HTTPS, DNS
- Familiarity of investigating, documenting, and reporting security incidents
- Willingness to learn to evaluate security vulnerabilities, develop mitigation strategies, and implement remediation
- Understanding of OWASP Top 10, CVSS, common classes of product security vulnerabilities, and attack/defense methodologies
- Understanding of network security and popular attack vectors
- Desire to learn and grow in the identity and security space
- Python and/or Powershell scripting capability
- Understanding and experience with various Active Directory attack techniques
- Experience in securing Cloud platforms including AWS, GCP, and Azure, implementing and maintaining both native and 3rd party security services and tools across those environments
- Experience with network-based detective controls like IDS/IPS, NTA/NDA, and various SIEMS
Most Bungie full-time employees will adopt a digital first approach allowing remote work in Bungie approved locations (outside of positions identified as 100% onsite in Bellevue/Seattle, or individuals preferring a hybrid/flex environment). Prospective full-time employees located outside of CA, CO, DC, FL, GA, IL, MA, MD, MN, NC, NJ, NY, OR, TN, TX, UT, VA, WA, or WI will need to establish residency in one of the states we are compliant in within 45 days of a start date. Contractors will follow a digital first approach adhering to the location guidelines agreed upon by our third-party employer/vendor and Bungie. Bungie’s remote policy is subject to change at the company’s discretion.
Bungie provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Bungie does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Bungie recruiting team and/or hiring managers will be initiated from an @bungie.com email address.