Description:
As a Threat Analyst - Tier II on our Managed Detection and Response (MDR ) team, you will provide best-in-class monitoring, detection, and response services to defend customer environments before attacks prevail proactively. You will work alongside and contribute to a team of cyber threat hunters, incident response analysts, engineers, and ethical hackers by using enterprise, log analysis and endpoint collection systems to facilitate investigations, identification, and neutralization of cyber threats.
What You Will Do
- Conduct threat hunting to identify potential threats throughout the MDR customer base
- Handle escalations from Tier I Threat Analysts - guide / advise on investigation handling
- Onboard and train new Threat Analysts
- Provide detection and response to security events and cyber-threats
- Conduct security log management and monitoring
- Maintain information security metrics
- Create cases, track and follow up with clients through threat neutralization
- Interact with clients via various mediums
- Participate in Security Operations process improvement and creation
- Collaborate and assist core security and threat response teams
- Obtain metrics for reporting on threat trends, intelligence analysis and situational awareness
- Actively research recent Indicators or Compromise/Attack, exploits and vulnerabilities
- 2+ years of experience working in a SOC environment or computer security team in an IT environment
- Endpoint and network security experience required; IDS, IPS, EDR, ATP, Malware defenses and monitoring experience
- Experience with threat hunting
- Experience administering and supporting Windows OS (both workstations and server) and one of the following: Apple or Linux-based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X)
- Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc
- Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc
- Strong understanding of Windows event log analysis
- Working knowledge of incident response procedures
- Excellent troubleshooting and analytical thinking skills
- Must be able to thrive within a team environment as well as on an individual basis
- Customer service-oriented with strong documentation and communication skills
- Passion for all things information technology and information security
- Natural curiosity and ability to learn new skills quickly
- Ability to think outside the box
- Innovative mindset and driven to contribute to a team providing a best-in-class cybersecurity service
- Bachelors in Information Technology, Computer Science or a related field; or relevant commensurate work experience
- Willingness to work 1 weekend per month