Cyber Security

As a Senior Cybersecurity Engineer at Peloton, you will be responsible for supporting the ongoing security operations and overall security strategy at Peloton. The ideal candidate must demonstrate in-depth knowledge of and experience in vulnerability and patch management, networking, cloud technology, incident response and automation. This person will develop, optimize, and operate the security tools used throughout Peloton's infrastructure and contribute to the overall security strategy across the entire organization. Responsibilities: Architect, deploy, and maintain Peloton's security infrastructure Evangelize security throughout Peloton and empower end users to do their jobs securely without creating additional friction Research and analyze potential new threats, attack vectors and risks and identify mitigation efforts Examine output from security tools and software and report on findings Collaborate with Peloton engineering teams to define and implement remediating controls to improve security. Work with cyber analysts and security engineers to develop threat models, detections, incident response playbooks, and maintain tooling to enrich security intelligence. Manage EDR, DNS security and vulnerability management tools. Requirements: 5+ years experience working in a security role You know how to identify security gaps / areas of risk and are able to effectively put together a plan for remediation Ability to work cross functionally between technical and business teams, evangelizing security best practices, policies, and procedures Effective communication skills Demonstrated knowledge of enterprise-scale security technologies which may include EDR, SIEM, vulnerability management, incident response, PKI, user behavior analytics, SSO, IAM, Privileged Access Management. Experience building reports and dashboards and obtaining data with standard SQL. Demonstrated proficiency with scripting (Bash, Python, etc) Experience with developing infrastructure as code (Terraform, Cloudformation) Deep hands on security experience with cloud providers such as AWS, GCP Experience with Google Workspaces and Amazon Workspaces Familiarity with development processes and environment tools such as Git and Jira Flexibility to cover US EST working hours. Great to Have: Cybersecurity Certifications (CISSP, CEH, Security+, etc.) Experience with Nucleus, Splunk, Snowflake, Crowdstrike, Umbrella, Rapid 7 and Cisco Attack Surface Management.