Intelligence Analyst, Security - SF HQ

  •  Lyft
  •  San Francisco, CA
  •  Jan. 30, 2018

Job Description

Our drivers and passengers entrust Lyft with their personal information and travel details to get where they're going and expect us to keep that data safe. Lyft's security team leads efforts across the company to ensure our systems are secure and worthy of our users' trust.
The security team designs and builds Lyft's security architecture, consults with other teams as they build and launch new products and features, proactively plans for the unexpected, and responds to incidents that occur. Our work affects the entire company and takes place at all levels of the stack, from infrastructure to web application security, as well as mobile apps, IT, and autonomous vehicles. We try to approach security from a software engineering standpoint. We believe in scaling security through automation and tooling and we ship frequently. Check out our blog posts at to learn more about some of the things we’ve built.
About the role:
The mission: Empower the company to make informed, prioritized and automated security decisions. Democratize threat intelligence along with “assume breach” mindset across Lyft to improve our ability to predict, sustain, investigate and recover from threats.
We’re looking for the right person to join our team, ingest existing threat intel along with  stimulating new learnings by performing red team operations, and move us along our maturity journey. What makes this scalable is that each intel source must be automated and integrated into our risk management framework. Our grand vision is a live dashboard that we can look at at any point and know the current status of any or all of our risks and controls. In short, we’re building a robot army that constantly validates our current security status. Don’t you want to live in this beautiful world?

We’re specifically looking for someone to take on the following responsibilities:

    • Develop and automate our cyber risk management platform using in-house and third-party solutions
    • Evangelize the assume breach mindset and work across Lyft to drive change across anticipate/protect/detect/response
    • Assess and prioritize efficacy of our managerial, operational, and technical security controls based on external and internal threats
    • Work with our Lyft for Business teams to ensure our customers have the evidence they need to clearly understand our trustworthiness

Minimum Qualifications - You have (and can demonstrate) deep knowledge of the following areas:

    • Specific operational impacts of cyber security lapses
    • Vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)
    • Current industry methods for evaluating, implementing, and disseminating security intelligence feeds, security assessment, monitoring, detection and procedures utilizing standards-based concepts and capabilities
    • Leverage offensive capabilities to stimulate learnings and drive change
    • Computer networking concepts and protocols, and network security methodologies
    • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
    • Building internal security intelligence platform and ingest third-party feeds
    • Common risk management framework and risk scoring methodologies

Minimum Qualifications - You have the following skills:

    • Development skills to automate security intelligence generation and consumption
    • Conducting red team/pentesting exercises
    • Interfacing with engineering teams to drive change
    • Technical writing, knowledge management, and technical documentation techniques
    • Preparing and presenting briefings/presentations

Minimum Qualifications - You possess the following abilities:

    • Thinking purple (Offense/Defense)
    • Communicating complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
    • Collecting, verifying, and validating test dataEvaluating information for reliability, validity, and relevance
    • Understanding technology, management, and leadership issues related to organizational processes and problem-solving

Preferred Qualifications - You have knowledge of some of the following areas:

    • Public cloud security risks (AWS, Azure, GCP)
    • Offensive security toolkit (Metasploit, CANVAS, Cobalt Strike)
    • Consuming learnings from red vs blue exercises

Preferred Qualifications - You have some of the following skills:

    • Making tough prioritization trade-offs
    • Discerning the protection needs (i.e., security controls) of information systems and networks
    • Conducting vulnerability scans and recognizing vulnerabilities in security systems
    • Determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
    • Assessing security systems designs

Preferred Qualifications - You possess some of the following abilities:

    • Working across departments and business units to implement organization’s risk management principles and programs and aligning engineering objectives with security objectives
    • Identifying critical infrastructure systems with information communication technologies that were designed without system security considerations