Employers / Recruiters

Security Analyst, Incident Response

lyft · 30+ days ago

At Lyft, our mission is to improve people’s lives with the world’s best transportation. To do this, we start with our own community by creating an open, inclusive, and diverse organization.

Lyft connects people to transportation to change the way we live and get around our communities. Lyft’s engineering team is growing rapidly, and we are looking for Security Engineers to help us scale. Come be part of a new team at Lyft focused on enabling and empowering engineering teams to deliver at scale.

Our drivers and passengers entrust Lyft with their personal information and travel details to get where they're going and expect us to keep that data safe. Lyft's security team leads efforts across the company to ensure our systems are secure and worthy of our users' trust.

Lyft Security builds systems to protect and defend infrastructure and services from cyber attacks. We consult with teams as they build and launch new products and features, proactively plans for the unexpected, and responds to incidents that occur. Our work has company wide impact and takes place at all levels of the stack, from infrastructure to web application security, as well as mobile apps, IT, bikes, scooters, etc. We believe in scaling security through engineering fundamentals, automation, and tooling. Check out our blog posts at to learn more about some of the things we’ve built.

The Incident Response team owns identification,  and response of security indents as well as our proactive hypothesis based Threat Hunting program.

The Security Analyst is part of the detection and response group obsessed with quality of security alerts, feedback loops to respond quickly to incidents, reducing time to detect and executing proactive actions.


Swiftly Respond to Security Incidents:

  • Respond promptly to security incidents by orchestrating coordinated responses across engineering teams and other relevant disciplines.

Analyze and Prioritize High-Quality Security Alerts:

  • Assess and prioritize security alerts of high quality with the potential to impact the organization, based on SOCLess approach 

Collaborate with the Detection Engineering Team:

  • Work closely with the Detection Engineering Team to identify and implement new security strategies aimed at detecting threats, reducing the attack surface, and enhancing the organization's overall cybersecurity posture.

Conduct Proactive Threat Hunting Operations:

  • Define and execute proactive threat hunting operations across the organization's systems and services, aiming to uncover detection gaps, identify weaknesses in security controls, and refine existing processes.

Assess the Organization's Threat Landscape:

  • Evaluate the threat landscape specific to the organization to prioritize proactive security measures and actions.

Develop Automation and Tooling:

  • Create and maintain automation tools to enhance the efficiency and impact of the incident response team's activities.

Cultivate and Maintain Key Partnerships:

  • Establish and nurture relationships with critical partners both within the organization and externally to foster collaboration and information sharing.

Experience, Knowledge and Skills: 

Cybersecurity Knowledge:

  • A deep understanding of cybersecurity principles, including threat landscape, attack vectors, and security best practices
  • knowledge of security frameworks, standards, and compliance requirements relevant to your industry (e.g., NIST, ISO 27001). (Nice to have)


  • Proficiency in using security tools and technologies such as SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), and IDS/IPS (Intrusion Detection System/Intrusion Prevention System)
  • Strong understanding of operating systems (Windows, Linux, macOS) and their security features.
  • Scripting and automation skills, experience with cloud technologies such as AWS/GCP and their tech stack

Incident Detection and Analysis:

  • Experience in monitoring and analyzing security alerts and events generated by security systems.
  • The ability to identify and investigate potential security incidents and determine their severity.
  • knowledge of structure analysis techniques and decision making as OODA loop.

Incident Response Experience:

  • Hands-on experience with incident response processes, including identification, containment, eradication, and recovery.
  • Experience in handling different types of security incidents, such as malware infections, data breaches, insider threats, zero day vulnerabilities, third-party

Threat Hunting Experience (Nice to have):

  • Proven ability to proactively identify and investigate potential threats and vulnerabilities in the organization's environment.
  • Familiarity with threat hunting techniques, including TTPs (Tactiques, technique and procedures) analysis, anomaly detection, and behavior analysis.
  • Experience in creating and refining threat hunting camping based on hypothesis or cyber threat intelligence.

Communication Skills:

  • Strong communication skills to collaborate effectively with other team members, stakeholders, and management.
  • Ability to document incident response and threat hunting activities clearly and concisely.
  • The ability to adapt to evolving cybersecurity threats and technologies and stay current with industry trends
  • Ability to manage multiple tasks and priorities, and work independently with minimal supervision

Certifications: Although we are not requiring security certification, the following could be a plus to be considered:

  • Certified Incident Handler (GCIH)
  • Certified Threat Intelligence Analyst (CTIA)
  • CompTIA Security+
  • Certified SOC Analyst (CSA+)
  • vendor-specific certifications 


Last updated on Jan 11, 2024

See more

About the company

More jobs at lyft


Toronto, Ontario


30+ days ago

Medford, Massachusetts


30+ days ago

Toronto, Ontario


30+ days ago



30+ days ago

New York, New York


30+ days ago

More jobs like this

Application Security Manager
Kueski ·  Micropréstamos rápidos en línea


30+ days ago


30+ days ago

Mexico City, Mexico City


27 days ago


19 days ago


30+ days ago

Developed by Blake and Linh in the US and Vietnam.
We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord
🚀 LaunchpadNov 27
Create a site and sell services based on your resume.
🔥 Job search dashboardNov 13
Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.
🫡 Cover letter instructionsSep 27
New Studio settings give you control over AI output.
✨ Cover Letter StudioAug 9
Automatically generate cover letters for any job.
🎯 Suggested filtersAug 6
Copilot suggests additional filters above the results.
⚡️ Quick applicationsAug 2
Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.
🧠 Job AnalysisJul 12
Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.
© 2024 RemoteAmbitionAffiliate · Privacy · Terms · Sitemap · Status