Security Engineer - Incident Response

Peloton

Access high-energy workouts, instantly. Discover Peloton: streaming fitness classes to you live and on-demand.

Peloton continues to grow and deliver the connected fitness platform of the future to help our members be the best version of themselves. As a technology-enabled business, our approach to security operations must evolve and grow alongside our services and members. We are looking for a Security Engineer with a diverse set of skills that can thrive in a challenging, fast-paced, and rewarding environment. We do not have a traditional SOC tier structure, so you can expect to help us improve our detections as well as create additional detections, build automations, and research & help define the solutions roadmap to achieve scale. The right candidate should have a strong focus on results, be self-driven, and be excited by working on a diverse set of problems, threats, and alerts.

YOUR DAILY IMPACT AT PELOTON

• Directly support Peloton’s Security Program while conducting in-depth research and strategic analysis of intelligence data from various sources to leverage in threat hunting.
• Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats.
• Provide intel-driven insights into existing and emerging threats, using insights to search Peloton enterprise for activity that is anomalous and/or malicious.
• Work with Security Engineering and the Security Operations Center to baseline user behaviors and events as well as build out new detections and response workflows.
• Provide triage support for incident response and investigation efforts as part of Peloton’s Security and Operations team and other internal teams.
• Recommend and build countermeasures based on threat analysis, intelligence, and forecasting.
• Develop, implement, and maintain security incident playbooks/runbooks.
• Prepare and present analysis with findings and recommendations in the form of briefings, reports, and dashboards to managers, various team leads, and senior leadership as required.

YOU BRING TO PELOTON

• Minimum 3 years in Information Security .
• Experience in incident response or threat detection required; we value in-depth knowledge of cloud environments (AWS, GCP, Azure, Kubernetes), SaaS platforms (O365, Google Workspace), or IAM.
• Experience with Automation specifically for Incident Handling / SOAR .
• Expert experience with SIEM tools or data lakes.
• Experience with dissecting attacker methodologies and techniques and/or EDR tooling .
• Excellent analytical and problem-solving skills.
• A learning mindset and excitement for learning new technologies or security areas.
• Previous experience in cloud-native or tech environments.

ABOUT THE ROLE

Peloton continues to grow and deliver the connected fitness platform of the future to help our members be the best version of themselves. As a technology-enabled business, our approach to security operations must evolve and grow alongside our services and members. We are looking for a Security Engineer with a diverse set of skills that can thrive in a challenging, fast-paced, and rewarding environment. We do not have a traditional SOC tier structure, so you can expect to help us improve our detections as well as create additional detections, build automations, and research & help define the solutions roadmap to achieve scale. The right candidate should have a strong focus on results, be self-driven, and be excited by working on a diverse set of problems, threats, and alerts.

YOUR DAILY IMPACT AT PELOTON

• Directly support Peloton’s Security Program while conducting in-depth research and strategic analysis of intelligence data from various sources to leverage in threat hunting.
• Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats.
• Provide intel-driven insights into existing and emerging threats, using insights to search Peloton enterprise for activity that is anomalous and/or malicious.
• Work with Security Engineering and the Security Operations Center to baseline user behaviors and events as well as build out new detections and response workflows.
• Provide triage support for incident response and investigation efforts as part of Peloton’s Security and Operations team and other internal teams.
• Recommend and build countermeasures based on threat analysis, intelligence, and forecasting.
• Develop, implement, and maintain security incident playbooks/runbooks.
• Prepare and present analysis with findings and recommendations in the form of briefings, reports, and dashboards to managers, various team leads, and senior leadership as required.

YOU BRING TO PELOTON

• Minimum 3 years in Information Security .
• Experience in incident response or threat detection required; we value in-depth knowledge of cloud environments (AWS, GCP, Azure, Kubernetes), SaaS platforms (O365, Google Workspace), or IAM.
• Strong knowledge of Incident Response principles and processes .
• Experience with Automation specifically for Incident Handling / SOAR .
• Expert experience with SIEM tools or data lakes.
• Experience with dissecting attacker methodologies and techniques and/or EDR tooling .
• Excellent analytical and problem-solving skills.
• A learning mindset and excitement for learning new technologies or security areas.
• Bonus points for:
• Previous experience in cloud-native or tech environments.
• Network or MacOS knowledge.
• Programming/Scripting experience.
• Security certifications.

ABOUT PELOTON:

Peloton (NASDAQ: PTON), provides Members with expert instruction, and world-class content to create impactful and entertaining workout experiences for anyone, anywhere and at any stage in their fitness journey. At home, outdoors, traveling, or at the gym, Peloton brings together immersive classes, cutting-edge technology and hardware, and the Peloton App with multiple tiers to personalize the Peloton experience (with or without equipment). Founded in 2012 and headquartered in New York City, Peloton has millions of Members across the US, UK, Canada, Germany, Australia, and Austria. For more information, visit

At Peloton, we motivate the world to live better. “Together We Go Far” means that we are greater than the sum of our parts, stronger collectively when each one of us is at our best. By combining hardware, software, content, retail, apparel, manufacturing, Member support, and so much more, we deliver an exhilarating fitness experience that unlocks our members' greatness. Join our team to unlock yours.

Peloton is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. Equal employment opportunity has been, and will continue to be, a fundamental principle at Peloton, where all team members, applicants, and other covered persons are considered on the basis of their personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, disability, pregnancy, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital and civil partnership/union status, alienage or citizenship status, creed, genetic predisposition or carrier status, unemployment status, familial status, domestic violence, sexual violence or stalking victim status, caregiver status, or any other protected characteristic as established by applicable law.

#J-18808-Ljbffr