Huntress is hiring a
Principal Security Operations Center Analyst

Summary

Join the hunt and help us stop hackers in their tracks! Huntress seeks a Principal Security Operations Center Analyst based in Australia to join our quickly growing team. In this role, you will triage, investigate, respond to, and remediate intrusions daily.

Requirements

• 6+ years experience in a SOC, Incident Response, or Forensics role
• Ability to explain possible complex alerts/events in a non-complex way, both written and verbal
• Proven mentoring experience and skills to junior team members, helping them to grow individually and as a team
• Understanding of Malware Analysis (Configuration of isolated Malware Analysis VM, Identification of File Formats, Basic Static & Dynamic analysis)
• Demonstrated experience with Windows and/or MacOS as an attack surface
• Strong understanding and experience with Threat Actor Tools and techniques: (MITRE ATT&CK Framework, PowerShell & Command Prompt Terminals, WMIC, Scheduled Tasks, SCM, Windows Domain and host Enumeration Techniques, Basic Lateral Movement Techniques, Basic Persistence Mechanisms, Basic Defense Evasion Techniques, other offensive/Red Team TTPs)
• Strong experience with Windows Administration or Enterprise Domain Administration and upkeep (Active Directory, Group Policy, PowerShell, Windows Server Update Service, and Domain Trusts)
• Strong experience with M365/Cloud attack techniques
• Demonstrated equivalent of self-guided study experience or Bachelor’s degree in Information Technology, Computer Science, System Administration, or Cyber Security

Responsibilities

• Function as the lead liaison between the SOC and other Product and Research teams
• Build automation to help reduce the workload on the SOC through report template creation
• Own and complete investigative objectives associated with multi-host intrusions without assistance
• Triage, investigate, and respond to alerts coming in from the Huntress platform
• Perform tactical forensic timelining and analysis to determine the root cause of attacks where possible and provide remediations needed to remove the threat
• Perform advanced malware analysis as part of investigating systems and identities
• Investigate suspicious Microsoft M365 activity and provide remediations
• Assist in escalations from the product support team for threat-related and SOC-relevant questions
• Assist our SOC Support team by engaging with customers via video/phone to explain or describe activity observed by the SOC when needed
• Contribute to detection efforts by helping to create or request net new detections as well as tuning detections
• Provide technical mentorship of more junior team members
• Contribute regularly to external facing Huntress content such as blogs, webinars, presentations, and speaking engagements

Benefits

• Fully remote work
• 1-2 trips to the US annually for events such as Sales Kick-Off and Summer Summit!
• New starter home office set up reimbursement ($731 AUD)
• Generous personal leave entitlements
• Digital monthly reimbursement ($169 AUD)
• Superannuation
• Healthcare Benefits
• Access to the BetterUp platform for coaching, personal, and professional growth