Job Description:

Why Gainsight?

We are ranked #1 on Glassdoor’s 2023 Best Place to Work List. Here’s why.

At Gainsight, our mission is to be living proof you can win in business while being human-first. 

Our industry-leading platform helps companies of all sizes and industries build durable businesses. Gainsight offers a powerful set of customer success, product, and community engagement solutions that enable businesses to scale efficiently, create alignment, and have a holistic view of their customers—all of which help increase product adoption, prevent churn, and grow renewals and expansions. Our software is used by hundreds of companies, including nearly 200 publicly traded organizations and industry leaders such as GE Digital, SAP Concur, and Box. We have offices in the US, UK, Netherlands, Israel, Japan, and India.

Gainsight joined the Vista Equity Partners portfolio in 2020. In 2021, we won their Excellence in Engineering award in recognition of our product and engineering advancements.

Gainsight has also been named one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and one of 20 Great Workplaces in Tech by Fortune Magazine. 

With diversity and inclusion at the forefront of our values, we promote a culture that celebrates diversity and inclusiveness regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age. 

Job Description:

We are seeking an experienced Security Operations & Incident Response Lead Analyst to lead our Security Operations Center (SOC) and manage all aspects of incident detection, response, and threat hunting and threat intelligence. The ideal candidate will have a deep understanding of cybersecurity, a passion for leading security teams, and expertise in incident response, SIEM management, and detection engineering.
 

Experience: 6+ years

Education: B.Tech in Computer Science, Information Security, or a related field
 

What You'll Do

SOC Operations Management:

• Oversee end-to-end SOC operations, including the management of SIEM (Security Information and Event Management) systems from integration to alert remediation.

• SIEM Administration & Detection Engineering:

• Manage SIEM processes such as log integration, parsing, rule creation, and tuning for enhanced detection capabilities.

• Develop and implement detection strategies to ensure timely identification of threats.
   

Threat Intelligence & Hunting:

• Stay up to date on the latest threat advisories and industry developments.

• Conduct proactive threat hunting and dark web monitoring to identify emerging threats.
   

Incident Response Leadership:

• Lead the incident response lifecycle, including identification, containment, eradication, and recovery.

• Act as the Incident Response Lead during major incidents, coordinating investigation and remediation efforts.

• Conduct post-incident reviews, retrospectives, and ensure follow-up actions are completed.
   

Vendor and MDR Management:

• Collaborate with Managed Detection & Response (MDR) providers and other vendors to enhance SOC capabilities and ensure timely resolution of incidents.
   

Collaboration & Communication:

• Work closely with cross-functional teams, including IT, DevOps, Engineering and third-party vendors, to ensure security best practices are maintained.

• Communicate complex security incidents and findings to stakeholders, both technical and non-technical.
   

Tabletop Exercises & Continuous Improvement:

• Organize and lead tabletop exercises to test and refine incident response plans.

• Continuously assess and improve SOC processes to enhance detection and response effectiveness.
   

What We're Looking For

• Hands-on experience with SIEM solutions and log management tools (Securonix, ELK Stack, etc.).

• Strong technical knowledge of incident response stages, malware analysis, network forensics, and log analysis.

• Experience in threat intelligence, threat hunting, and utilizing dark web monitoring tools.

• Experience working with Managed Detection and Response (MDR) teams and vendors.

• Excellent leadership skills with the ability to manage security incidents under pressure.

• Knowledge of security frameworks (MITRE ATT&CK, NIST, etc.) and compliance standards (CIS, ISO, etc.).

• Good knowledge of cybersecurity concepts: AV/EDR, Firewall, Malware, IDS, IPS, Phishing, WAF etc.

• Strong verbal and written communication skills to articulate complex security concepts.

• Multi cloud knowledge(AWS, GCP & Azure) would be an added advantage.
   

Preferred Certifications:  Nice to have

• Certified Information Systems Security Professional (CISSP)/ CCSK / CCSP

• AWS Security Speciality

• Comptia Security Plus

Why You’ll Love It Here

Your job shouldn’t stand in the way of your happiness—it should be a path to achieve it. At Gainsight, we’re passionate about achieving our goals—at the office and everywhere—and we work every day to create an environment that nurtures our best selves.

Gainsters love working here for several reasons. Here are a few:

• Our Core Values: We are guided by our values on our mission to be living proof you can win in business while being human-first. Learn more here.

• Our CEO: With a 99% approval rating on Glassdoor, Nick Mehta is one of the most beloved CEOs in Silicon Valley. 

• Our Growth Opportunities: From mentoring to career development opportunities, we’re passionate about helping our Gainsters learn, grow and thrive.

• Our Teammate Resource Groups: A huge source of pride for Gainsight, these groups are on a mission to put our values into action and make Gainsight a great place to work for all.

• Our Wellness Priorities: Monthly Recharge Days that re-energize us.

• Our Parody Videos: No explanation needed. Just watch them here!

Job Description Summary