Threat Detection Engineer - Security Researcher - Incident Response Specialist

5 days ago

Apply Now

Receive Emails with Similar Jobs

hatch I.T.

WebsiteLinkedInAll Job Openings

Connecting software engineers with tech startups. Reinventing the way early-stage and high-growth startups scale.

Software Development Recruiting • Technology Startups • Startup Recruiting • Venture Capital • Technology Recruiting

11 - 50

Description

• Work within the 24x7 Security Operations Center as part of the Managed Security Services Division, monitoring and managing security events and incidents for multiple clients. • Develop, configure, and audit alerts across various security platforms, including Splunk, SentinelOne, and Microsoft Defender, to identify potential threats based on established frameworks such as MITRE ATT&CK and other relevant methodologies. • Proactively conduct threat-hunting activities in customer environments to identify and mitigate potential security threats that may have evaded automated detection controls. • Lead and manage incident response efforts, including investigation, containment, eradication, and recovery activities, to minimize the impact of security incidents for our clients. • Collaborate with internal and external stakeholders to effectively communicate the scope and severity of security incidents, ensuring timely and efficient resolution. • Provide mentorship and guidance to Junior Analysts, fostering their growth and development in cybersecurity skills and knowledge. • Conduct in-depth research on emerging threats, vulnerabilities, and attack techniques to continuously improve detection and response strategies. • Utilize your expertise in MITRE ATT&CK and other threat frameworks to continuously enhance threat detection capabilities and improve security posture for our clients. • Utilize forensics tools and techniques to analyze compromised systems and uncover the root cause of incidents. Experience with forensic tools such as Magnet Forensics, EnCase, FTK, or similar is required. • Create detailed incident reports, threat assessments, and technical documentation to support incident response and provide actionable recommendations to clients. • Stay current with emerging threats, vulnerabilities, and technology trends. Contribute to the continuous improvement of SOC processes, tools, methodologies, and personnel. • Serve as a primary point of contact for clients during incidents, providing expert guidance, support, and clear communication throughout the response process.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent experience. • 5+ years of experience in cybersecurity, with a focus on threat analysis, threat hunting, and incident response. • Experience working in a Security Operations Center (SOC) • Deep understanding of security frameworks such as MITRE ATT&CK, Cyber Kill Chain, NIST, etc. • Proven experience creating, configuring, and auditing security alerts in platforms such as Splunk, SentinelOne, and Microsoft Defender. • Experience with forensics tools such as Magnet, EnCase, FTK, or similar, with the ability to perform detailed analysis of compromised systems. • Demonstrated experience in leading and managing incident response efforts, including forensic analysis, malware analysis, and network traffic analysis. • Strong analytical and problem-solving skills, with the ability to think critically and work under pressure. • Excellent communication and interpersonal skills, with a demonstrated ability to effectively convey complex technical information to non-technical stakeholders. • Experience and desire to mentor and train junior team members • Relevant certifications preferred (e.g., GIAC, GCIH, GCFA, CEH, CISSP, etc.). • Must be authorized to work in the United States