Security Analyst II

Summary

Join Deepwatch's team of world-class cybersecurity professionals and contribute to protecting organizations from ever-increasing cyber threats. As a Security Analyst II, you'll support incident handling processes, provide in-depth analysis, and work with customers and leadership to surface and resolve concerns.

Requirements

• Have a strong understanding of cyber security principles, concepts and practices including the ability to perform a complete and thorough incident investigation and triage with very limited support from Analyst III’s
• Know your way around SIEM platforms (Splunk preferred), how to perform queries and leverage various log sources to perform investigations
• Operate autonomously requiring minimal support on investigative actions
• Support Analyst I and learn from Analyst III when you need helping hand
• Competency with in-depth header analysis, hashes and Windows/macOS/Linux logs
• Demonstrate the ability to pivot to other log sources, cloud systems or consoles to perform a comprehensive analysis from multiple data sources
• Have a basic understanding of modern EDR, email security and cloud identity platforms
• A desire to support others and uplift the program and team through updating training materials and SOPs
• Strong written and verbal communication skills including the ability to write well-written reports and analysis that’s thorough, accurate and complete
• Provide the customer with a complete understanding of the investigation

Responsibilities

• Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS
• Provide in depth analysis from escalated requests originating from Security Analyst 1
• Validate suspicious events by performing investigations using SIEM and SOAR technologies, leveraging Deepwatch proprietary tooling, intelligence and OSINT, TTPs and IOCs
• Identify gaps in customer environments, data ingested or configuration errors which reduce telemetry quality
• Work with customer and leadership to surface and resolve concerns
• Provide support to Security Analyst I including coaching and training as necessary
• Leverage your knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall customer success
• Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner
• Surface opportunities for improvement in the squad and for the customer and be a change agent for measurably improving our customer security posture and experience
• Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program

Benefits

• Medical, dental, vision, and disability insurance
• Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
• Unique professional development benefits, starting at $3,000 annually
• Wellness contests and monthly educational programs
• 401(K) retirement program with employer match