Senior Software Engineering Manager, Security Operations Center

Candidates for this position are preferred to be based in Bangalore, India and will be expected to comply with their team's hybrid work schedule requirements.

Who We Are:

Wayfair is the online leader for home furnishings and decor. Through technology and innovation, Wayfair makes it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 8 million items across home furnishings, décor, home improvement, housewares and more. 

Wayfair operates a growing Security Operations Center and we’re looking for a talented Security Operations Senior Manager to join and help grow our team. Our Security Operations team is tasked with monitoring and protecting Wayfair from an ever growing number of security risks, and finding new and creative ways to do so. We have a strong focus on engineering and innovation, and are seeking individuals who love to find new problems and don’t want to fix the same problem twice.  

The SOC senior manager will be responsible for leading and deploying cybersecurity initiatives.

What You’ll Need

• 10+ years experience working in cyber security
• Experience with incident detection, incident response and remediation
• Strong working knowledge of threat vectors, vulnerabilities, and what anomalies to look for
• Strong working knowledge of Linux and/or Windows logs & indicators
• SIEM and SOAR experience, both building and responding to reports
• One or more scripting languages: Bash, Python, Perl, PowerShell, etc.
• Experience with incident response or monitoring tools, such as SIEM, OSQuery, VisionOne, Kibana, BigQuery, Looker etc.
• Excellent communication skills, especially the ability to communicate security risks in “business” rather than purely “engineering”
• Ability to effectively influence upward and cross-functionally
• Experience with Threat Hunting and building a Threat Intelligence program
• Strong experience in vulnerability management, vulnerability prioritization and remediation. 

What You’ll Do

• Performs and ensures program execution
• Manage SOC roadmap planning and delivery
• Build a team and capability for 24x7 security operations, ensuring that incidents are handled and appropriately documented and closed. 
• Participate in building a security engineering program, working closely with teams worldwide. 
• Logging - Get all security relevant cloud, infrastructure and application logs in a parsed format to a unified destination that has good data retention
• Detection - Set up detection and prevention rules, automations and policies.
• POC and deploy tools that help with detection, tune/audit deployed rules/policies in security tools on true and false positives, setting up a detection framework,  threat intel framework/program, ATO detection program/framework etc.
• Response: Build plan and procedures for Incident Response, create playbooks to be followed, automate response, develop/deploy malware analysis tools and techniques, forensic tools and techniques to capture evidence/malware, POC and deploy tools that help with response, integrate with customer service teams and engineering teams etc.
• Build security alerts & dashboards in various incident response tools. Monitor for suspicious activities/alerts in the cloud/infrastructure/application from various sources such as internal reports from employees as well as external reports such as customers/social media, vendors, partners, bug bounty programs etc., deployed/integrated security tools, data visualization tools etc.
• Analyze these suspicious activities/alerts including malware analysis and forensics
• Search the dark web using our OSINT & other threat intelligence tools to look for unknown compromises of any part of Wayfair
• Understand the latest attack trend and create detections and prevention mechanisms
• Run vulnerability management tooling, prioritizing vulnerabilities and driving remediation of critical issues. 
• Respond to attacks on our supplier/partner/vendor, assess impact and take corrective action i.e. identify and respond to supply chain attacks or loss of PII

About Wayfair Inc.

Wayfair is one of the world’s largest online destinations for the home. Whether you work in our global headquarters in Boston, or in our warehouses or offices throughout the world, we’re reinventing the way people shop for their homes. Through our commitment to industry-leading technology and creative problem-solving, we are confident that Wayfair will be home to the most rewarding work of your career. If you’re looking for rapid growth, constant learning, and dynamic challenges, then you’ll find that amazing career opportunities are knocking.

No matter who you are, Wayfair is a place you can call home. We’re a community of innovators, risk-takers, and trailblazers who celebrate our differences, and know that our unique perspectives make us stronger, smarter, and well-positioned for success. We value and rely on the collective voices of our employees, customers, community, and suppliers to help guide us as we build a better Wayfair – and world – for all. Every voice, every perspective matters. That’s why we’re proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, genetic information, or any other legally protected characteristic.

Your personal data is processed in accordance with our Candidate Privacy Notice (https://www.wayfair.com/careers/privacy). If you have any questions or wish to exercise your rights under applicable privacy and data protection laws, please contact us at dataprotectionofficer@wayfair.com.