Senior SOC Analyst

📋 Description

• • Polymarket is seeking a highly skilled and motivated Senior SOC Analyst to join our internal security operations team. In this pivotal role, you will be instrumental in safeguarding our cutting-edge prediction market platform, which facilitates billions in traded volume and serves as a growing alternative news source. You will be at the forefront of monitoring, triaging, and responding to security events, ensuring the integrity and security of our global user base and operations. This position offers a unique opportunity to contribute to a fast-paced, innovative company with a mission to become a ubiquitous beacon of truth in global media.
• • As a Senior SOC Analyst, your day-to-day responsibilities will be diverse and critical. You will meticulously monitor our Security Information and Event Management (SIEM) system, Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and various cloud security tools for any alerts, anomalies, or indicators of compromise. A significant part of your role will involve reviewing and triaging escalations that come from our contracted 24/7 third-party SOC provider, acting as the primary escalation point for threats that require our deep institutional context and direct, hands-on response. You will also be tasked with conducting proactive threat hunting, leveraging intelligence feeds, understanding the MITRE ATT&CK framework's Tactics, Techniques, and Procedures (TTPs), and formulating hypothesis-driven queries to uncover potential threats before they can impact our systems.
• • When confirmed incidents arise, you will take the lead in containment, eradication, and recovery efforts. This will involve close coordination with our Engineering, Legal, and Leadership teams, especially for high-severity events that demand swift and decisive action. You will also be part of a rotating on-call schedule, responding to critical alerts and pages as needed. A key deliverable will be the creation of clear, comprehensive incident reports, detailing the timeline of events, the impact of the incident, the identified root cause, and the corrective actions taken to prevent recurrence. Your analytical skills will be put to the test as you analyze malware samples, dissect phishing campaigns, examine network traffic patterns, and investigate endpoint artifacts to accurately determine the scope of an attack and the TTPs employed by adversaries.
• • Furthermore, you will play a crucial role in enhancing our detection capabilities. This includes identifying gaps in our current detection mechanisms and proposing actionable improvements, such as developing new SIEM rules, refining correlation logic, and optimizing existing configurations. You will also be responsible for authoring and maintaining essential SOC documentation, including runbooks and playbooks, which will be utilized by both our internal team and the third-party SOC provider to ensure consistent and effective incident handling. Additionally, you will contribute to regular weekly and monthly reporting, providing insights into incident trends, the effectiveness of our security posture, and the adherence of our third-party provider to Service Level Agreements (SLAs).
• • This role is ideal for a security professional who thrives in a dynamic environment and is passionate about protecting critical digital assets. You will have the opportunity to work with a talented and dedicated internal security team, collaborate with external security partners, and gain exposure to a unique and rapidly evolving industry. Your contributions will directly impact the security and trustworthiness of Polymarket, a platform that is reshaping how people engage with information about real-world events. You will develop a deeper understanding of complex security challenges within the prediction market and potentially the blockchain/DeFi space, honing your incident response and threat hunting skills to an advanced level. The experience gained here will be invaluable for career growth in cybersecurity, particularly in security operations and incident management.
• • The team at Polymarket is comprised of passionate individuals dedicated to building a secure and reliable platform. We foster a collaborative environment where expertise is shared, and continuous learning is encouraged. As a growing company, you will be part of an exciting journey, contributing to the development and scaling of our security operations. The company's mission to provide transparent, market-based probabilities and serve as a trusted source of information is underpinned by a strong commitment to security, making this role integral to our overall success. You will be working in a forward-thinking organization that values innovation and the application of cutting-edge technology to solve complex problems, all while operating in a rapidly expanding and influential market.