Veho is the post-purchase experience company that unlocks the potential of everyday consumers and brands to fully participate in e-commerce. Building an entirely new end-to-end logistics infrastructure, powered by the latest technology and designed for the modern era of shopping, Veho is reinventing shipping, and all parts of the post-purchase experience as we know it. By removing the pain from delivery and returns, Veho is creating powerful opportunities for brands to engage and build deep loyalty with their customers like never before.

About the Role

The Information Security Team at Veho is seeking a highly motivated and detail-oriented Security Analyst to join our dynamic team. The ideal candidate will have a strong analytical mindset, excellent communication skills, and a passion for cybersecurity. This role is responsible for performing and evaluating vulnerability scanning, reporting detection results, maintaining scanning systems and procedures; and identifying and mitigating threats to the enterprise network, technical assets, applications, and enterprise users. This teammate will work independently with general supervision and exercise judgment within defined guidelines to take appropriate action. This role will report directly to the Sr. Director of Information Security.

Key Responsibilities:

Analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security breaches. Perform initial triage and analysis to identify and classify the type and severity of security events.
Conduct or coordinate vulnerability scans, and penetration tests to expose known and undocumented vulnerabilities in various information systems, document findings, and recommend risk mitigation strategies.
Execute basic incident response protocols, including containment, eradication, and recovery steps as per established playbooks.
Contribute to security compliance efforts such as ISO27001 certification, privacy and data security law compliance by providing the necessary capabilities and artifacts.
Assist with conducting risk assessments and developing risk mitigation strategies including working with development teams to integrate risk management practices into the software development lifecycle.
Review Security Researcher findings through the company’s Vulnerability Disclosure program and pursue remediation when issues are validated.
Maintain up-to-date knowledge of emerging threats and attack vectors

What you bring:

1-5 years experience
Bachelor's degree in computer science, information security, or a related field, or relevant work experience in lieu of a degree.

Working knowledge of:

- Log analysis and familiarity with security information and event management (SIEM) systems
- Networking and web-related protocols (e.g. TCP/IP, DNS, TLS, IPSEC, HTTP, HTTPS, routing protocols)
- Incident response procedures and best practices
- Common attack patterns and exploitation techniques
- Web application security, secure coding practices, and OWASP Top 10
- Security analysis techniques such as threat modeling and attack graphs
- GitHub operations (e.g., cloning, branching, merging, pull requests, issues)
- Common software development practices and procedures (version control, testing, patching, CI/CD)

Familiarity with:

- Cloud infrastructure (AWS, Google Cloud, Azure) along with best practices and security features
- Security tools such as endpoint detection and response (EDR) and vulnerability scanners
- Security frameworks such as ISO27001

Preferred Qualifications:

Security certifications (CISSP, GCIA, GCIH, GCFA, GCFE, etc.)
Ability to prioritize multiple tasks/initiatives at once and adjust on the fly
Comfortable with ambiguity and enjoy providing structure to solve problems
Self-motivated and comfortable in a remote environment
Experience with security automation
Experience in scripting (Bash, Python, etc.)

This job is no longer accepting applications

See open jobs at Veho.See open jobs similar to "Security Analyst" Origin Ventures.

See more open positions at Veho

Privacy policy Cookie policy