Overview
As a SOC Analyst in the Trust engineering team, you will support the design, implementation, and management of Roku’s end‑to‑end security systems and controls impacting a global user base. Your key responsibilities include supporting the development of security controls, managing SIEM/SOAR tooling and threat intelligence platforms, conducting technical incident response, vulnerability management, risk assessment, and acting as the first point of contact for the future outsourced Tier 1 SOC function. You will collaborate with teams within Trust engineering and across the organization to develop, influence, and enforce strong security practices and postures.
Responsibilities
* Support the design and implementation of information security systems and frameworks including threat prevention, detection, and mitigation tools.
* Manage, maintain, and optimize security information and event management (SIEM) platforms and associated security infrastructure.
* Detect and respond to information security incidents, investigate attacks, identify vectors, and lead containment, eradication, and recovery efforts. Create detailed incident reports and lead post‑incident reviews.
* Conduct threat hunting and proactive measures: hunt for undetected threats, tune security tools, refine detection rules, and address false positives.
* Oversee the vulnerability management lifecycle and reporting; support prioritization and advise stakeholders on vulnerability status and postures.
* Identify risks in new and existing projects and environments; support implementation of necessary security controls to meet business needs.
* Implement security orchestration, automation, and response (SOAR) playbooks and procedures to improve response times and ensure a consistent approach to incidents.
* Provide mentorship and support to junior analysts; act as escalation point for complex issues.
* Support testing and evaluation of security products and solutions.
* Develop and manage the security operations centre (SOC) function as it is built and expanded.
* Raise awareness of security policies and best practices across the organization; continue to contribute to ongoing development of best practices, procedures, and security training.
Qualifications
* Strong understanding of SIEM, EDR, cloud security services (e.g., AWS GuardDuty), and various security technologies.
* Experience in automation and development of automated playbooks and associated processes in SOAR environments.
* Experience in creating incident response plans and leading incident response efforts and post‑incident reporting.
* Knowledge of threat intelligence, tactics, techniques, and procedures (TTPs) utilized by threat actors and how to generate and deploy mitigation strategies.
* Proficiency in vulnerability management, monitoring, reporting, and stakeholder engagement to ensure timely remediation.
* Strong understanding of network security principles and encryption technologies.
* Experience with security change management processes and procedures.
* Experience in risk assessment and advisory capabilities for internal systems and third‑party vendor solutions (SaaS, AI, etc.).
* Experience contributing to the development, implementation, and management of security policies and procedures.
* Strong knowledge of security frameworks and industry best practices such as ISO 27001, NIST, PCI‑DSS, and others.
* Strong analytical and problem‑solving capabilities.
* Effective communication and collaborative skills to work across cross‑functional teams including development, IT, Legal, Governance, and Risk.
Hybrid Work Approach
Roku fosters an inclusive and collaborative environment where teams work in the office Monday through Thursday. Fridays are flexible for remote work except for employees whose roles require a five‑day in‑office policy or are in offices with a five‑day in‑office requirement.
Benefits
* Global access to mental health and financial wellness support and resources.
* Statutory and voluntary benefits including healthcare (medical, dental, vision), life, accident, disability, commuter, and retirement options (401(k)/pension).
* Support for taking time off in accordance with local leave policies and personal needs.
* Accommodations and reasonable adjustments in accordance with applicable law (refer to EmployeeRelations@Roku.com for accommodations).