At Shutterfly, we’re all about people — bringing them together, making them feel welcome, and connecting them to experiences. We make our customers’ memories last a lifetime by capturing, preserving, and sharing them through photography and personalized products. Through our family of brands, trend-setting products, cutting-edge technology, and best-in-class customer service, we help our customers, and each other, share life’s joy.

This is an exciting time for Shutterfly’s Information Security team. In this position you will be an integral part of a developing enterprise Information Security Program. Your focus will be on security threat identification and incident escalation activities, as well as working with engineers to design and implement more effective security monitoring solutions. As a Senior Security Operations Analyst at Shutterfly, you will be exposed to all areas of information security operations and engineering as we continue to build our program. 

What You'll Do Here: 
● Lead and own incident response efforts/escalations
● Help to train and support SOC and NOC staff on security monitoring and response
● Monitor and interpret data from a number of security monitoring platforms (e.g. IPS/IDS, Next-Gen Firewall, Anti-Virus, Vulnerability Scanner, etc.)
● Research and analyze security event data to identify potential security incidents using SIEM
● Document, test and refine incident response processes and procedures
● Monitor public security advisories and alerts for information related to threats and vulnerabilities and help to build additional threat intelligence capabilities
● Drive efforts to improve and further build out the security monitoring tools
● Maintain knowledge of current security trends and be able to clearly communicate them to the
● Document all incident analysis and response activity in a structured ticketing system
● Perform threat hunting, security testing, validation and basic penetration testing
● Support information security engineering/architecture team
● Generate shift-handoff documentation and facilitate knowledge transfer to oncoming analysts

The Skills You'll Bring:
● Bachelor of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent
● 6-8 years working within Information Technology and 4-6 years specifically in a security operations or threat/vulnerability management role
● Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
● Must have experience using and building SIEM technologies and creating, tuning and responding to detections and alerts
● Demonstrated oral/written communication and client-facing skills

It is helpful, but not required, to have:
● CISSP, GSEC, GCIH, GCED, GCFA, GCFE, GMON certifications
● Experience with process automation using Python, PowerShell, etc.
● Expert understanding of information security concepts, protocols, and industry best practices
● Strong understanding and experience in the incident response process, packet analysis and forensic investigation techniques
● Experience with penetration testing tools and methodologies and the ability to conduct light red-teaming exercises
● Practical knowledge in monitoring and securing public cloud technologies such as AWS and Azure

Additional Qualifications:
● Working knowledge of TCP/IP Networking (IP Addressing, DNS, Routing, Switching, Ports/Protocols)
● Familiarity with Security frameworks and compliance programs such as NIST, ISO, HIPAA, PCI
● Experience with internal security assessments/reviews
● Experience administering both Windows and Linux systems
● Understanding of networking concepts and database technologies
● Experience with application security concepts and methodologies
● Hands-on experience with security technologies from the following preferred vendors: Splunk, Palo Alto Networks Firewalls, Proofpoint, Carbon Black
● Experience with MDM solutions and SaaS/IaaS security