
Principal Security Operations Center Analyst

August 10


Huntress

Managed endpoint protection, detection and response for the 99% who need it most.

Cyber Breach Detection • Incident Response • Endpoint Protection • Malware Analysis • Managed Services

201 - 500

Description

• Function as the lead liaison between the SOC and other Product and Research teams
• Build automation to help reduce the workload on the SOC through report template creation
• Own and complete investigative objectives associated with multi-host intrusions without assistance
• Triage, investigate, and respond to alerts coming in from the Huntress platform
• Perform tactical forensic timelining and analysis to determine the root cause of attacks where possible and provide the remediations needed to remove the threat
• Perform advanced malware analysis as part of investigating systems and identities
• Investigate suspicious Microsoft M365 activity and provide remediations
• Assist in escalations from the product support team for threat-related and SOC-relevant questions
• Assist our SOC Support team by engaging with customers via video/phone to explain or describe activity observed by the SOC when needed
• Contribute to detection efforts by helping to create or request net new detections as well as tuning detections
• Provide technical mentorship to more junior team members
• Contribute regularly to external-facing Huntress content such as blogs, webinars, presentations, and speaking engagements

Requirements

• Located within the US Pacific Time Zone
• 6+ years of experience in a SOC, Incident Response, or Forensics role
• Ability to explain possibly complex alerts/events in a non-complex way, both written and verbal
• Proven experience and skills in mentoring junior team members, helping them to grow individually and as a team
• Understanding of Malware Analysis (configuration of an isolated malware analysis VM, identification of file formats, basic static and dynamic analysis)
• Demonstrated experience with Windows and/or macOS as an attack surface
• Strong understanding of and experience with Threat Actor tools and techniques (MITRE ATT&CK Framework, PowerShell and Command Prompt terminals, WMIC, Scheduled Tasks, SCM, Windows domain and host enumeration techniques, basic lateral movement techniques, basic persistence mechanisms, basic defense evasion techniques, other offensive/Red Team TTPs)
• Strong experience with Windows Administration or Enterprise Domain Administration and upkeep (Active Directory, Group Policy, PowerShell, Windows Server Update Services, and Domain Trusts)
• Strong experience with M365/Cloud attack techniques
• Demonstrated equivalent of self-guided study experience or a Bachelor's degree in Information Technology, Computer Science, System Administration, or Cyber Security

Benefits

• 100% remote work environment, since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading a home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth
