Security Analyst, Managed Detection & Response

Summary

Join At-Bay's Security team as a Security Analyst (MDR) and contribute to a fast-growing InsurSec company protecting small businesses from digital risks. You will provide first-line security monitoring services, utilizing various security tools and technologies. Responsibilities include operating and tuning security monitoring tools, identifying and analyzing anomalous activity, triaging event data, and escalating potential threats. You will also participate in incident response and develop customer relationships. The ideal candidate possesses relevant experience in cybersecurity operations, incident response, or a related field, along with strong communication skills. At-Bay offers a competitive salary and a dynamic work environment.

Requirements

• Previous EDR, MDR, XDR, security monitoring, or incident response experience
• Strong oral and written communications skills
• Previous hands-on experience performing security operations including several of the following: Security monitoring using a variety of endpoint and network tools
• Deployment, tuning, and operation of security tools from vendors such as CrowdStrike, SentinelOne, and others
• Deployment, tuning, and operation of SIEM or other tools used to aggregate and analyze security-relevant data
• Triage and analysis of potential indicators of compromise
• Performing rapid response to contain and/or remediate potentially malicious activity
• Development and analysis of cyber threat intelligence
• Participation in investigations involving digital evidence
• Intrusion detection / cyber threat hunting
• Malware analysis
• Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.)
• Bachelor’s degree or equivalent
• Minimum of 2 years of experience in cybersecurity operations, incident response, or another security discipline
• Willingness to travel as needed to perform job functions

Responsibilities

• Operate and tune security monitoring tools including Endpoint Detection & Response (EDR), network monitoring, email security, Data Loss Prevention (DLP), Security Information and Event Management (SIEM), security automation tools, and others as needed
• Identify and analyze anomalous activity in customer technology environments
• Triage of event data to identity potential indicators of compromise
• Escalate potentially malicious activity to engage incident responders where necessary
• Participate in incident investigation, containment, remediation, and recovery activities where necessary
• Develop and maintain customer relationships to facilitate delivery of MDR services
• Develop and deliver reports on identified activity to customer stakeholders as needed

Preferred Qualifications

• Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity
• Preferred candidates will have a mix of cybersecurity experience including either security operations or security engineering / architecture
• Knowledge of cloud environments including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google)
• One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.)

Benefits

Our estimated base pay range for this role is $80,000-$110,000 per year