Senior Security Analyst

June 25


Cyderes

Cyber Defense & Response. It's what we do.

Information Security • Cyber Security • Managed Security Services • SIEM • Cloud Computing

501 - 1000

Description

• Provide overall guidance, instruction, mentorship, and leadership to other Security Analysts.
• Perform triage and advanced analysis tasks across endpoint, server, and network infrastructure.
• Perform threat hunting on customer networks to detect and isolate threats and provide recommendations.
• Conduct proactive security investigations and searches in client environments to detect malicious activity.
• Coordinate incident investigations and deep-dive analysis of detected threats.
• Understand and identify indicators of attack and compromise in alerts, by hunting through data, and from review of investigation notes.
• Have a full understanding of the MITRE ATT&CK framework, including mapping client use cases to tactics and techniques.
• Update documentation and runbooks to ensure repeatable analysis.
• Actively participate in an after-hours on-call rotation as Incident Controller.
• Scope customer security incidents.
• Document and communicate recommendations and guidelines based on the results of analysis.
• Analyze, review, and provide raw log data from the SIEM for more insight into escalations.
• Communicate effectively orally and in writing.
• Maintain current knowledge and understanding of the threat landscape.

Requirements

• 5 or more years of progressive, in-depth IT security experience.
• System administration experience (Windows, Unix/Linux, Mac).
• Advanced understanding of networking concepts and the ability to analyze network artifacts.
• Demonstrated experience using Endpoint Detection and Response software (SentinelOne, CrowdStrike, Defender, etc.).
• Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM QRadar, Chronicle, etc.).
• At least one industry certification (Sec+, CEH, a SANS certification such as GCIH, GCIA, GSEC or GMON, OSCP, etc.), or working towards a related certification.
• Prior knowledge of a SOAR platform such as Siemplify, FortiSOAR, etc.
• Expert-level analysis of security events.
• Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash.
