IT Systems and Security Analyst
Founded in Silicon Valley in 2009 by Marc Andreessen and Ben Horowitz, Andreessen Horowitz (known as "a16z") is a venture capital firm that backs bold entrepreneurs building the future through technology. We are stage agnostic: We invest in seed to venture to late-stage technology companies, across bio + healthcare, consumer, crypto, enterprise, fintech, games, and companies building toward American dynamism. a16z has $35B in assets under management across multiple funds.
We’ve established a team that is defined by respect for the entrepreneur and the company-building process; we know what it’s like to be in the founder’s shoes. We’ve invested in companies like Affirm, Airbnb, Coinbase, Databricks, Devoted Health, EQRx, Figma, GitHub, Instacart, OpenSea, Roblox, Stripe, and Substack. Our team is at the forefront of new technology, helping founders and their companies impact and change the world.
As part of the IT Engineering & Security team, you will help maintain IT infrastructure, internal platforms, and security across the company. The IT System and Security Analyst delivers effective and efficient intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for a16z’s various funds. The mission is to play a leading role in a16z’s efforts to protect its operations, personnel and information systems against online threats and unauthorized use.
The IT System and Security Analyst will help develop and drive a16z’s strategy for automated security detection and response capabilities. These services focus on understanding the evolving threat landscape--external and internal--through proactive threat research resulting in new and innovative ways to automate threat detection. This includes developing and improving automated content, tools, and processes that optimize efficiency and resources. This role will work in collaboration with Information Technology and Corporate Security to jointly investigate and manage the threat landscape.
To join our team, you should be excited to:
- Develop and cultivate long-term relationships.
- Review new and existing internal projects and implement security best practices across all systems and make recommendations for constant improvement to the firm's cybersecurity posture.
- Monitor and respond to Security Events, including isolating, mitigating, and investigating active threats, as well as setting up preventive measures.
- Conduct log analysis and other network forensic investigations.
- Apply the best security practices to reduce & mitigate unauthorized access to services and data.
- Own our vendors onboarding and due diligence processes to ensure new technology adhere to established compliance and cybersecurity baselines.
- Work on cybersecurity initiatives and collaborate with the CyberSecurity and IT partners.
- Document existing and ongoing changes to all the systems and infrastructure.
- Advocate for the security culture of the organization, including collaborating with stakeholders across the company.
- Audit VIP personal security posture on an ongoing basis and recommend changes as needed.
- Continue to develop and hone your skills by attending security summits and staying on top of the latest developments in the cyber security space.
- 3+ year relevant experience.
- Proficiency in Python with a strong emphasis on Test-Driven Development.
- Comfortability with git, GitHub, and version control.
- Familiarity with Cloud Services such as IaaS, PaaS, SaaS.
- Ability to provide thorough and thoughtful code reviews.
- Integration of innovative technology to improve data collection and analysis for strategic alignment with a security monitoring strategy.
- Experience in leveraging security detection technologies such as SIEM, Big Data, and Machine Learning.
- Ability to analyze threat actor tactics, techniques, and procedures (TTPs), in order to instrument cyber threat indicators, and ongoing automation and engineering to support the detection lifecycle.
- Knowledge of computer network defense and security architecture principles, as well as application security and DevSecOps processes in order to further detection capabilities.
- Ability to build relationships and trust at all levels, including our Risk Committee, leadership, other internal security teams, and the broader cyber security community.
- Excellent written and verbal communication, facilitation, leadership, and presentation skills.
- Nice to have: GCIH, GCFA, GCFE, GSEC, CompTIA Security +, Network +, etc.
- We do only first class business and only in a first class way
- We take a long view of relationships, because we are in the relationship business
- We believe in the future and bet the firm that way
- We are all different, we recognize that, and we win
- We celebrate the good times
- We do it for the team
- We play to win
At a16z we are always looking to hire the absolute best talent and recognize that diversity in our experiences and backgrounds is what makes us stronger. We hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. These differences are what enables us to work towards the future we envision for ourselves, our portfolio companies, and the World.
Andreessen Horowitz hereby reserves the right to make use of any unsolicited resumes received from outside recruiting agencies and / or individual recruiters without being responsible for payment of any fees asserted from the use of unsolicited resumes.
Your application has been successfully submitted.
Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California, that backs bold entrepreneurs building the future throu...