Skip to main content
Groupon Tech and Product Team
R26765

Information Security Engineer

Description

Groupon is a "best of both worlds" kind of company. We're big enough to have resources and scale, but small enough that a single person has a surprising amount of autonomy and can make a meaningful impact. We're curious, fun, a little intense, and kind of obsessed with helping local businesses thrive. Does that sound like a compelling place to work?

The Information Security team is looking for a talented, motivated Information Security professional seeking their next career challenge. This position will build upon a candidate’s existing skill set and background while solving technical challenges at scale. This role provides ample professional growth opportunities in a progressive global organization.

The ideal candidate will be an ambassador for the Information Security team across a global organization tasked with, but not limited to, the following areas:

  • Implement intelligent behavior-based monitoring rules to enhance event correlation capabilities

  • Perform security & risk assessments against critical systems

  • Proactively model threat behaviors to purple team systems and processes

  • Assist in vulnerability remediation and incident handling across global resources

  • Identify operational opportunities to implement security orchestration and automation capabilities

  • Support InfoSec-managed tools and enforcement of global security controls

  • Effectively provide general information security guidance & technology support to the business

The ideal candidate must have experience implementing modern enterprise security standards within a hybrid infrastructure model with a primary focus around an increasingly cloud-based environment.  The candidate will be required to leverage a combination of technical experience and soft skills to effectively design, install, configure, and integrate Information Security tools and processes into Groupon infrastructure and business processes.

The responsibilities and requirements for this security engineering role will expand into other technical information security projects and team responsibilities over time to help ensure the safety of Groupon’s information systems assets and to protect systems from unauthorized access and abuse.


What you get to do:

  • Perform technical security assessments against critical internal systems (LDAP,  authentication and identity management systems, certificate authorities, etc.) as well as external-facing systems using open source and commercial tools, and scripting languages such as Perl, Python, Bash 

  • Lead purple team activities designed to assess internal systems and security processes

  • Provide event-driven security operations responsibilities and identify opportunities for automated security orchestration (SOAR) opportunities

  • Implement analytics-driven rules to enhance and maintain visibility for the Information Security team across endpoint & network activity and audit logs

  • Collaborate with Groupon’s Managed Security Services Provider to remediate identified threats and investigate suspicious activity

  • Perform analyses against large data sets to identify malicious behavior, PII, or sensitive information, while filtering out false positives and unnecessary noise

  • Support endpoint security tools and technologies to help detect and remediate malware detections and identify potential threat activity

  • Prioritize detected threats alongside the business’s needs to improve overall security intelligence, and weed out false positives.

  • Implement new security technologies as required to support a dynamic/challenging business environment

  • Assist in the maintenance/development of security policies and procedures

  • Work with core architecture and Engineering teams to securely integrate SaaS-based solutions and cloud computing platforms

  • Collaborate on Incident Response situations

  • Work with cross-functional teams around security awareness and issues are communicated effectively; ensure security best practices are integrated into all facets of projects including network, system designs/configuration, and implementations.

  • Provide technical and operational security support to Information Technology & Engineering teams, as well as non-technical core business units to Act as an ambassador for the Information Security team and provide technical security support, knowledge, and training to other business units within Groupon

  • Know & maintain the passcode to the air shield

We would like you to have:

  • 5+ years of Information Security experience detecting technical vulnerabilities and security risks in a highly technical, hands-on environment

  • 4+ years of experience leveraging security analytics/SIEM technologies for log collection, analysis, and correlation rules to identify actual security threat events

  • 2+ years experience using and securing cloud computing services such as AWS, Google Cloud, Microsoft Azure, SAML/single-sign-on solutions

Requirements

  • Must possess a basic understanding of core modern computing functions (e.g. TCP, UDP, IPSec, DNS, routing and switching, HTTP response codes & methods, REST API basics, multi-factor authentication technologies

  • Must possess a solid understanding of cryptography basics (public/private keys, TLS certificates, PKI, etc.)

  • Must have experience implementing/working with Security Orchestration, Automation, and Response (SOAR) solutions

  • Must be comfortable and competent using OSX and Linux workstations to effectively use common open source command line & GUI-based tools for network and general troubleshooting (Wireshark, nmap, tcpdump)

  • Demonstrated history of implementing role-based access control (RBAC) security controls to ensure least privileged access

  • Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model

  • Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner

  • Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise

  • Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards

  • leadership skills and the ability to mentor or provide guidance to teams

  • CISSP, CCSP, or other relevant industry security-focused certifications preferred

  • Bachelor’s Degree or equivalent work experience required

Expected 

  • Must be comfortable working across a geographically distributed environment

  • Must maintain a high level of customer service focus, and exhibit diligence coordinating and executing processes and procedures

  • Strong analytical, problem-solving and decision-making capabilities alongside strong 

  • Must always exhibit integrity, self-motivation, and take initiatives in a professional environment and be results oriented

  • Demonstrated track record staying up-to-date with Information Security and threat intelligence knowledge across the security and tech communities


Groupon’s purpose is to build strong communities through thriving small businesses. To learn more about the world’s largest local ecommerce marketplace, click here for the latest Groupon news. Plus, be sure to check out the values that shape our culture, guide our strategy and make our company a great place to work. And just don’t take our word for it. Hear from real Groupon team members, learn more about our inclusive employee groups, and check out our benefits. If all of this sounds like something that’s a great fit for you, then click apply and let’s see where this takes us.

Groupon is an Equal Opportunity Employer

Qualifications for employment, promotion, and other terms and conditions of employment are based upon the ability to perform the job. Equal-employment opportunities are provided to all applicants and employees without regard to race, creed, religion, color, age, national origin, sex, disability, medical condition, sexual orientation, gender identity or expression, genetic information, ancestry, marital status, military discharge status (excluding dishonorable discharge), veteran status, citizenship status, or other legally protected status. We are all responsible for maintaining this policy. Groupon is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may email us at hraccommodations at groupon.com. If you have concerns related to Groupon’s equal employment opportunities, you may contact Groupon’s Ethics Reporting Service Ethicspoint.

Stay in the Group

Not seeing your next role, or not the right time to apply? Sign up for our talent community and stay up to date with careers at Groupon.

Join Now