Director, GHOST (Proactive Security)
Seoul, South Korea
Applications have closed
Coupang
Join us to innovate. Rocket your career. Collaborate with teams across the globe. Find your role and learn more about our culture.Company Introduction
We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce.
We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.
Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.
Job Overview
Coupang’s Proactive Security Team has a mission to keep Coupang secure by performing proactive activities that will prevent or mitigate potential security risks due to Threat Actors. That is achieved by two different teams:
- Red Team, which is responsible for simulating Threat Actor malicious activities.
- GHOST (Global Hunting, Oversight and Strategic Triage) team: The team is responsible for
- Understanding the Threat Actor tactics and motives (Cyber Threat Intelligence)
- Creating detection rules that would identify potential Threat Actors (Use-case development)
- Actively hunt for potential Threat Actors (Threat Hunting)
We are looking for a senior leader for our existing GHOST team in our Seoul offices, The successful candidate will be someone who can hire, develop, and retain the best, build an effective organization, work across groups to deliver business impact, and is not afraid to dive deep when needed.
Key Responsibilities
Responsibilities will include, but not be limited to, the following:
- Provide expertise and leadership in the team.
- Help build a great team by retaining and hiring the best, and positively shaping team culture.
- In-depth understanding of Threat Intelligence, Use-case development, and Threat Hunting.
- Drive the evolution of the team by overseeing strategy, roadmaps and driving execution.
- Inspire teams to raise the bar on delivery, but also define and deliver initiatives to improve maturity.
- Dive deep when necessary to lead by example.
Basic Qualifications
- 10+ years of work experience in information security and 5+ years of managerial experience
- Knowledge about and experience with the security threat trends, breaches and defense techniques and malware.
- Excellent leadership and communication skills.
- Able to analyze, understand and predict cyber threat trends with long-term vision.
- Proven experience leading a team responsible on at least two of the following areas:
- A team that builds automation and detection rules to identify anomalous activities within the environment.
- A team that performs Threat Hunting activities, allowing to proactively identify anomalous activity within the environment.
- A team that consumes and analyzes Cyber Threat Intelligence to better define the scope and focus areas.
- Hands-on experience on at least two of the following areas:
- Build automation and detection rules to find anomalous activities within the environment.
- Perform Threat Hunting activities, allowing to proactively find anomalous activity within the environment.
- Understand and leverage Cyber Threat Intelligence to better define the scope and focus areas.
- Understanding of Cyber Kill Chain, MITRE ATT&CK framework and how those are relevant to the threat landscape.
- Fluent in both Korean and English
Preferred Qualifications
- E-commerce industry-specific security threat expertise.
- Experience on cloud (AWS or GCP) and good understanding of the differences between Cloud and
- Experience with threat hunting, digital forensics, reverse engineering, incident response etc.
- Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs).
- Experience with various forensic log artifacts found in Security Information and Event Management (SIEM) logs, web server logs, Antivirus (AV) logs, protection logs such as Host-based Intrusion Detection Systerm (HIDS) and Network Intrusion Detection System (NIDS) logs
- Knowledge of third-party cybersecurity solutions, especially Extended Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions
- Computer Science, Computer Engineering, or related technical degree
- Holding one or more well-recognized security certifications related to cybersecurity, digital forensics or Incident response (e.g. CISSP, SANS, etc.)
Recruitment Process & Others
Recruitment Process
- Application Review - Phone Interview - Onsite (or Virtual Onsite) Interview – Offer
- The exact nature of the recruitment process may vary according to the specific job and may be changed due to scheduling or other circumstances.
- Interview schedules and the results will be informed to the applicant via the e-mail address submitted at the application stage.
Details to Consider
- This job posting may be closed prior to the stated end date for application if all openings are filled.
- Coupang has the right to rescind an offer of employment if a candidate is found to have submitted false information as part of the application process.
- Coupang does not discriminate against disabled applicants or those with veteran status. We are proud to offer equal opportunities for all applicants.
- Job titles and responsibilities may be subject to change depending on the candidate’s overall experience, etc. This will be communicated to the candidate at the appropriate time before the offer.
Privacy Notice
- Your personal information will be collected and managed by Coupang as stated in the Application Privacy Notice located below.
- https://www.coupang.jobs/en/privacy-policy/
Document Return Policy (This notice MUST be included in a job posting in Korea only to comply with the Fair Hiring Procedure Act.)
- This notification is given pursuant to Article 11 (6) of the Fair Hiring Procedure Act.
- A job applicant, who has applied but not been finally selected for a position at Coupang (the “Company”), may request the Company to return his/her hiring documents submitted pursuant to the Fair Hiring Procedure Act. However, this will not apply where the hiring documents were submitted via the website of the Company or e-mail, or where the job applicant submitted those documents voluntarily without a request from the Company. In addition, if the hiring documents were destroyed due to a natural disaster or any other reasons not attributable to the Company, such documents will be deemed to have been returned to the job applicant.
- A job applicant who wishes to request the return of his/her hiring documents pursuant to the main sentence of paragraph 2 above should fill out a “Request for Return of Hiring Documents” [Annex Form No. 3 in the Enforcement Rule of the Fair Hiring Procedure Act] and submit the request to the Company (Coupang Recruiting Team, Tower 730, 570 Songpa-daero, Songpa-gu, Seoul). In such case, within fourteen (14) days from the date of identifying the receipt of the request, the Company will send the hiring documents to the job applicant’s designated address via registered mail. Please be informed that the job applicant is required to pay the postage on the registered mail.
- In preparation for a job applicant’s request for the return of hiring documents pursuant to the main sentence of paragraph 2 above, the Company shall retain the original hiring documents submitted by the job applicant for 180 days from the completion of the recruiting process. If no request is made until the end of this period, all of his/her hiring documents will be destroyed immediately in accordance with the Personal Information Protection Act.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Antivirus Automation AWS CISSP Cloud Computer Science Cyber Kill Chain E-commerce EDR Forensics GCP Incident response Intrusion detection Malware MITRE ATT&CK Privacy Red team Reverse engineering SANS SIEM Strategy Threat intelligence TTPs XDR
Perks/benefits: Career development Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.