Who are we?
UpGuard’s mission is to protect the world’s data. We obsessively seek out elegant, robust ways to enable our customers to find, acknowledge, and remediate cyber risk. With UpGuard, organizations leverage our security expertise and software to automate what were once laborious, spreadsheet-driven processes–whether it's monitoring the attack surface of hundreds of vendors or assessing the security of their own infrastructure. UpGuard is used by some of the world’s largest, fastest growing and most innovative companies.
Why are we hiring this role?
UpGuard provides a Data Leaks service to our customers and with our current growth, are looking for someone to come on board and own the data leaks program for enterprise customers. You will be responsible for using our proprietary leak detection engine to detect and investigate customers' potential leaks of credentials, personal information, and business secrets.
As part of our team, you'll work with other researchers to improve our leak detection methodologies, and interact with customers to understand their risks and guide leak remediation. You are as comfortable investigating large data collections on a computer as you are in front of stakeholders.
What will you accomplish?
Research and evaluate new vectors which may lead to unnecessary data exposureDevelop, create systems and utilise in-house tools to discover, analyse and evaluate potential external exposures of customers/prospectsResearch, evaluate, review inefficiencies and report on potential exposures for customers, prospects and partnered organisationsWork with customers and prospective customers to determine their required solutions and scopeIdentify, investigate and analyse prospects and customers business processes, procedures and work practices to determine risksIdentify and evaluate inefficiencies in customer vendor/security management process/practises/system functionalityFormulate product requirements based on user feedbackCreate user and training documentation for customers and conduct user groups/training when requiredLend expertise, advice and recommendations to media and governmental organisations on the subject of data exposure and breachesManage and organise large amounts of data gathered from multiple sources and analyse it for risks posed to our customers
What do we need from you?
Strong understanding of concepts in information security and knowledge of issues in cloud computer securityFamiliarity with methods for reconnaissance using OSINTExperience identifying and analyzing data exposures with an awareness of rules for responsible disclosureUnderstand how to discover, identify, and attribute sensitive data in public code repositories, cloud storage containers, exposed databases and misconfigured websitesKeen ability to design and automate your work and effectivenessHighly collaborative and can effectively give and receive transparent feedbackExcellent written and spoken communication skills and have the ability to translate highly technical subjects in layman’s termsA keen sense of curiosity and ability to find unconventional solutions to difficult problems
What would give you an edge?
A programming backgroundExperience or a keen interest in cybersecurity
What's in it for you?
Rapidly growing user base: Work directly with some of the world’s largest, fastest growing, and most innovative companiesInteresting problems, at scale: Deeply explore the ever-evolving world of cybersecurity, with a platform processing billions of data points dailyLearn from industry-leading experts: Our security research has been featured in The New York Times, The New Yorker, The Washington Post, TechCrunch, Bloomberg, Gizmodo, Engadget, Forbes, ZDNet, and The GuardianImpact: See the impact of your work on a daily basis, with data and impact available on dashboards you have access toGenerous compensation: Extremely competitive base salary and equity Great perks: Free lunch, flexible work arrangements, and gym reimbursement
Before starting work with us, you will need to undertake a national police history check and referee checks.