About the Role
As a SOC Analyst in the Trust engineering team, you will support the design, implementation and management of Roku's end-to-end security systems and controls impacting a global user base. Key responsibilities include supporting the development of security controls, the management and maintenance of SIEM/SOAR tooling and threat intelligence platforms, technical incident response, vulnerability management, risk assessment and acting as a first point of contact for the future outsourced Tier 1 SOC function.
You will collaborate with teams both within Trust engineering and the wider organization to support, develop and influence strong security practices and postures across the organization.
Responsibilities
* Trust Information Security Operations
* Supporting the design and implementation of information security systems and frameworks including threat prevention, detection and mitigation tools.
* Manage, maintain and optimize security information and event management (SIEM) platforms and associated security infrastructure.
* Detect and respond to information security incidents, investigate security incidents, identify attack vectors, and lead containment/eradication/recovery efforts. Create detailed incident reports, lead post‑incident reviews, document lessons learned, and contribute to compliance reporting.
* Threat Hunting & Proactive Measures: Hunt for undetected threats, tune security tools, refine detection rules, and address false positives.
* Vulnerability management: analyse, oversee the vulnerability management lifecycle and reporting, support prioritization and advise relevant stakeholders on vulnerability status and postures.
* Security controls: identify risks in new and existing projects and environments and support the implementation of necessary security controls to meet business needs.
* Support the implementation of security orchestration, automation and response (SOAR) playbooks and procedures to improve response times and ensure a consistent approach to incidents.
* Provide mentorship and support to more junior analysts, act as escalation point for complex issues.
* Support testing and evaluation of security products and solutions.
* Support the development and management of the security operations centre (SOC) function as it is built and developed into the future.
* Raise awareness of security policies and best practices across the organization and continue to contribute to ongoing development of procedures and security training.
Qualifications
* Strong understanding of SIEM, EDR, cloud security services (e.g., AWS GuardDuty), and various security technologies.
* Experience in automation and development of automated playbooks and associated processes in security orchestration, automation and response (SOAR) environments.
* Experience in creation of incident response plans and leading incident response efforts and post‑incident reporting.
* Threat intelligence knowledge of tactics, techniques, and procedures (TTPs) utilized by threat actors and how to generate and deploy mitigation strategies.
* Vulnerability management, monitoring, reporting and engagement with stakeholders to ensure timely remediation.
* Strong understanding of network security principles and encryption technologies.
* Experience with security change management processes and procedures.
* Experience in risk assessment and advisory capabilities on internal systems and products/solutions from third‑party vendors (SaaS, AI, etc.).
* Experience in developing, implementing and managing security policies and procedures.
* Strong knowledge of security frameworks and industry best practices - such as ISO 270001, NIST, PCI‑DSS and others.
* Strong analytical and problem‑solving capabilities.
* Effective communication and collaboration skills to work across diverse cross‑functional teams including development, IT, legal, governance and risk.
Hybrid Work Approach
Roku fosters an inclusive and collaborative environment where teams work in the office Monday through Thursday. Fridays are flexible for remote work except for employees whose roles are required to be in the office five days a week or employees who are in offices with a five‑day in‑office policy.
Benefits
Roku offers a diverse range of benefits as part of our compensation package to support employees and their families. Benefits include mental health and financial wellness support and resources, statutory and voluntary benefits such as healthcare (medical, dental, vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Employees are supported in taking time off in accordance with local leave policies and other personal needs.
Accommodations
Roku welcomes applicants of all backgrounds and provides reasonable accommodations and adjustments in accordance with applicable law. If you require reasonable accommodation at any point in the hiring process, please direct your inquiries to EmployeeRelations@Roku.com.
#J-18808-Ljbffr