Senior Security Operations Analyst
United States
Full Time
2 hours ago
No Visa Sponsorship
Key skills
Cyber SecurityFirewallsiOSLinuxPythonSplunkBashPowerShellLeadershipMentoringCritical Thinking
About this role
Role Overview
- Guiding a hybrid team of security analysts tasked to detect, Triage, analyze, respond, and report cybersecurity incidents
- Performing advanced analysis and assisting with incident response
- Using experience, knowledge, and critical thinking to perform CSOC duties with minimal guidance
- Mentoring more junior analysts on the solution
- Facilitating and overseeing execution of day-to-day directions given by CSOC Manager
- Documenting and communicating findings and after-action reports to the entire security team
- Reviewing investigations and performing QA/QC
- Driving alert logic refinement through tuning and whitelisting
- Training and mentoring Associate and Mid-level Analysts
- Performing Tier 3 On Call rotations to include Weekends or Nights
- Supporting IR Investigations – Incident coordination by assignment of Work Streams and creation of reports
- Serving as the technical escalation point for the CSOC team
- Providing ad-hoc training to team members
- Performing CSOC maturity projects under the guidance of Cyber Operations Leadership
- Partnering with Security Engineering teams to enhance features and capabilities within current security tooling
Requirements
- 5
- 7 years of relevant experience or equivalent demonstratable knowledge & skill set
- Ability to think critically to solve problems with minimal guidance
- Ability to perform comprehensive Incident, root cause analysis and write technical reports
- The ability to conduct investigations on multiple operating systems such as Linux, iOS, and Windows
- Experience performing manual log analysis from a variety of host-based and network-based sources
- The ability to conduct security investigations without the assistance of pre-extracted data or pre-established queries across multiple platforms such as Splunk, OS CLI/Terminal, Sentinel One, etc.
- Experience using modern CSOC/Fusion Center enterprise security suite
- Familiarity with Digital Forensics and Incident Response (DFIR) concepts
- Experience participating in CIRT/CSIRT investigations
- Knowledge of exploits, vulnerabilities, malware families and common attack vectors
- Scripting (Python, PowerShell, bash), regex experience is a plus
- Experience with firewalls, intrusion detection/prevention systems
- Intermediate or higher Security Certifications are a plus
- CYSA+, CISSP, CFR, CHFI, GCIH, GCFA, or GNFA, PenTest+, OSCP, etc.
Tech Stack
- Cyber Security
- Firewalls
- iOS
- Linux
- Python
- Splunk
Benefits
- Thoughtfully curated benefits
- Tools to explore and grow
- Health insurance