Product Security Analyst III

Summary

Join ExtraHop as a Product Security Analyst and contribute to strengthening the security posture of our market-leading cybersecurity products. Collaborate with top professionals, learn and innovate, and grow your skills in cyber, cloud, and product security. You will define and run security operations, including monitoring, incident response, and vulnerability mitigation. This role requires experience in cybersecurity operations and incident response, a foundational understanding of web applications, cloud infrastructure, and container technologies. Your work will directly impact the company's success. The position offers a competitive salary and benefits package.

Requirements

• 4+ years of experience in cyber security or closely related roles
• 2+ years of which should be hands-on experience specifically fulfilling security monitoring, threat hunting and incident response duties
• Bachelors degree or equivalent experience in a related field such as Cybersecurity, Computer Science, Information Systems, Engineering or other technical field
• Direct experience with a modern SIEM platform, including creating dashboards and searches, tuning detections, and responding to alerts
• Direct experience with server endpoint detection & response (EDR)
• Technical knowledge of Linux systems, web application security and cloud security, including security principles and best practices for cloud-based environments
• Proficient with security tools, including vulnerability scanners, ticketing systems
• Strong analytical skills to effectively manage and resolve security issues
• Proven ability to communicate complex security concepts
• Must be a U.S. citizen

Responsibilities

• Work with security information & event management (SIEM), endpoint detection & response (EDR), network detection & response (NDR) tooling and other systems to perform security investigations
• Operate and improve SIEM, EDR, NDR and others tools; implement, evaluate and tune detection rules
• Implement tools and scripts to automate monitoring and response activities
• Perform and/or lead security incident response activities
• Perform threat hunting activities to proactively assess system activity and search for indicators of compromise
• Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
• Contribute to vulnerability detection and response pipelines, including tools, reporting and tracking
• Triage vulnerabilities; recommend and coordinate remediation actions
• Collaborate with Product Security team members to contribute to standards, policies, procedures, documentation, and training
• Other duties as assigned

Preferred Qualifications

• Direct experience with Splunk Enterprise Security, Crowdstrike Falcon, and ExtraHop RevealX NDR
• Experience with Amazon Web Services (AWS), Google Cloud Platform (GCP), and common compute services and data stores
• Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
• Holds one or more security certifications

Benefits

• Health, Dental, and Vision Benefits
• Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
• Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
• FSA and Dependent Care Accounts + EAP, where applicable
• Educational Reimbursement
• 401k with Employer Match or Pension where applicable
• Pet Insurance (US Only)
• Parental Leave (US Only)
• Hybrid and Remote Work Model