Security Analyst

Summary

Join GuidePoint Security as a Security Analyst and contribute to a proactive security posture. This remote position, ideally based in the Mid-Atlantic region, requires expertise in security analysis, incident response, and threat detection. You will analyze network traffic, logs, and security tools to identify anomalies and potential attacks. Collaboration with teams and clear communication are crucial. GuidePoint offers a supportive environment with opportunities for professional growth and excellent benefits.

Requirements

• Familiarity with Splunk for investigations, ability to create and run SPL queries
• Understanding of Indicators of Compromise (IOCs)
• Deep understanding of TCP/IP, DNS, DHCP, and similar protocols
• Knowledge of endpoint detection and response (EDR) tools
• Experience with anti-virus and malware analysis
• Familiarity with MITRE ATT&CK and other similar incident response frameworks
• Hands-on experience in triage, containment, and threat eradication
• Basic proficiency in scripting languages (Python, Bash, PowerShell)
• Understand the importance of vulnerability management and scanning

Responsibilities

• Analyze network traffic and identify anomalies
• Interpret logs from systems such as servers, firewalls, and applications
• Identify patterns and detect threats using log correlation across cybersecurity tools
• Use regular expressions (regex) for data parsing
• Analyze and monitor logs and formulate potential attack theories using analytical skills for scenarios
• Exhibit strong critical thinking and problem-solving skillset
• Analyze complex situations and make informed decisions under pressure
• Document incidents and collaborate with teams through strong verbal and written communication skills
• Convey technical concepts to non-technical stakeholders
• Spot anomalies and patterns using keen observational skills
• Collaborate with other analysts, IT teams, and external stakeholders
• Remain calm and flexible in fast-paced, high-pressure environments
• Understand threat actor tactics, techniques, and procedures (TTPs)
• Maintain familiarity and knowledge of emerging threats and vulnerabilities and have the means to obtain relevant information for threat investigations

Preferred Qualifications

• Knowledge of forensic tools
• Familiarity with cloud security practices and tools (AWS GuardDuty, Microsoft Defender for Cloud)
• Previous experience in a SOC or similar role
• Experience with managing real-world incidents
• CompTIA Security+
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Certified Information Systems Security Professional (CISSP)

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
• 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option