Cyber Threat Detection Engineer (GHOST Team)

We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billion dollar e-commerce industry from the ground up. We are one of the fastest-growing ecommerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce.

We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.

Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.

Job Overview

GHOST(Global Hunting Oversight and Strategic Triage) team is the leader in advanced threat detection and strategic threat hunting, specializing in identifying and mitigating sophisticated cyber threat.

Our mission is to strengthen and elevate security resilience in Coupang.  For that mission, GHOST team is seeking a specialist to manage the creation, optimization, and maintenance of detection rules for security threat identification. This role involves close collaboration with cyber threat intelligence analysts, threat hunters, Red team, Blue team, security architecture experts, compliance and governance specialists, developers, DBAs, PMOs, and others to ensure the accurate detection of sophisticated cyber threats.

The importance of this role lies in the fact that potential risks move from unseen areas to visible ones through detection. This work makes things difficult for threat actors while reassuring customers. We are looking for responsible colleagues who agree with the value of detection.

Key Responsibilities

• Develop and implement new detection rules to identify potential security threats across various platforms and environments. It includes defining latest threat information.
• Continuously refine detection rules to improve accuracy, efficiency, and reduce false positive, ensuring optimal performance of the rules.
• Work closely with internal teams to integrate various threat use cases.
• Ensure continuous assurance by rigorously testing detection rules before deployment and consistently validating their performance post-deployment.
• Enhance security detection maturity tailored to Coupang environment.
• Maintain comprehensive documentation of all rule creation, updates, and optimizations.
• Actively contribute to company-wide and key projects from a detection perspective.
• Improve the workflow of detection and implementing innovative process.

Basic Qualifications

• 7+ years of work experience in information security and 2+ years of detection engineer.
• Knowledge about and experience with the security threat trends, breaches and defense techniques and malware.
• Proficient in writing a variety of queries in SIEM, particularly Splunk.
• Experience with various log analysis.
• Experience with various security solutions such as EDR, IPS, etc.
• Knowledge of security frameworks like MITRE ATT&CK.
• Experience in cloud security, particularly with AWS.
• Documentation and communication skills.

Preferred Qualifications:

• Experience in conducting simulations for threat detection
• E-commerce industry-specific security threat expertise.
• Experience with threat hunting, threat intelligence, incident analyst, or security architecture.
• Experience in detecting or responding to insider threats.
• Computer Science, Computer Engineering, or related technical Degree.
• The certifications of IT security or IT infrastructure.
• Programming language (Ideally Python scripting)
• Intermediate to advanced English skills (written and verbal) are required to communicate technical information clearly to global teams and management.