Security Operations Analyst

Huntress
Summary
Join Huntress, a fully remote global cybersecurity team, as a Security Operations Center Analyst. Triage, investigate, and respond to security alerts; perform malware analysis; investigate suspicious Microsoft 365 activity; assist the Product Support team; contribute to detection engineering; and participate in projects focused on improving analyst and partner outcomes. This role requires 2+ years of SOC or DFIR experience, demonstrated experience with Windows, Linux, and macOS, and familiarity with threat actor tools and techniques. The position offers a competitive salary, bonus, equity, and a comprehensive benefits package. The initial work schedule is Monday-Friday, but may change to include weekends or a 4x10 shift after training. The role is remote in the Pacific time zone.
Requirements
- 2+ years experience in a SOC or Digital Forensics (DFIR) role
- Demonstrated experience with Windows, Linux, and macOS as an attack surface
- Demonstrated experience with basic threat actor tools and techniques: the MITRE ATT&CK Framework, PowerShell and Command Prompt terminals, WMIC, Scheduled Tasks, SCM, Windows domain and host enumeration techniques, basic lateral movement techniques, basic persistence mechanisms, basic defense evasion techniques, and other offensive/Red Team TTPs
- Demonstrated experience with static and dynamic malware analysis concepts
- Working knowledge of Windows administration or enterprise domain administration
  - Active Directory, Group Policy, domain trusts, etc.
- Working knowledge of core networking concepts
  - Common ports/protocols, NAT, public/private IPs, VLANs, etc.
- Working knowledge of web technologies and concepts
  - Web servers/applications, OWASP Top 10, etc.
- Effective communication skills, with the ability to explain complex events to less technical audiences, enabling effective cross-functional collaboration within the SOC and across departments
- Dedicated to prioritizing and addressing customer needs and concerns in all decision-making processes
- A strong sense of curiosity and a genuine excitement for learning
Responsibilities
- Triage, investigate, and respond to alerts coming in from the Huntress platform
- Perform tactical review of EDR telemetry, log sources, and forensic artifacts to determine the root cause of attacks where possible and provide remediations needed to remove the threat
- Perform tactical malware analysis as part of investigating and triaging alerts
- Investigate suspicious Microsoft 365 activity and provide remediations
- Assist in escalations from the Product Support team for threat-related and SOC-relevant questions
- Contribute to detection engineering creation and tuning efforts
- Contribute to projects focused on driving better outcomes for our analysts and partners
- Contribute to our collaboratively mentored team (we're all here to make each other better!)
Preferred Qualifications
- Previous experience in an MSP/MSSP/MDR role
- Linux and macOS investigative experience
- Experience with scripting languages (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby)
- Demonstrated experience on platforms such as HackTheBox, TryHackMe, Blue Team Labs Online, etc
- Demonstrated experience with cloud-based investigations such as Microsoft 365, Azure, AWS, GCP, etc.
- Participation in cybersecurity competitions such as Capture the Flags, the Collegiate Cyber Defense Competition, etc
- Familiarity with MSP tools such as RMMs
Benefits
- 100% remote work environment - since our founding in 2015
- Generous paid time off policy, including vacation, sick time, and paid holidays
- 12 weeks of paid parental leave
- Highly competitive and comprehensive medical, dental, and vision benefits plans
- 401(k) with a 5% contribution regardless of employee contribution
- Life and Disability insurance plans
- Stock options for all full-time employees
- One-time $500 reimbursement for building/upgrading home office
- Annual allowance for education and professional development assistance
- $75 USD/month digital reimbursement
- Access to the BetterUp platform for coaching, personal, and professional growth