Threat Analyst

Summary

Join Coalition, a leading Active Insurance provider, as a Threat Analyst to contribute to our Managed Detection and Response (MDR) security program. This remote role, based in the western United States/Canada, involves monitoring and analyzing security alerts from EDR platforms, investigating and responding to incidents, performing forensic analysis, and collaborating with a team of security professionals. You will develop incident reports, maintain detection rules, and stay updated on emerging threats. This position offers opportunities for growth and exposure to advanced threat analysis techniques. The ideal candidate possesses 2-4 years of experience in cybersecurity operations or threat analysis and hands-on experience with EDR platforms like Microsoft Defender, SentinelOne, or CrowdStrike Falcon.

Requirements

• 2-4 years of experience in a cybersecurity operations or threat analysis role
• Hands-on experience with EDR platforms such as Microsoft Defender, SentinelOne, or CrowdStrike Falcon
• Familiarity with SIEM platforms (e.g., Microsoft Sentinel, Splunk) for log analysis and threat detection
• Basic understanding of incident response processes, including containment, eradication, and recovery
• Knowledge of malware analysis, network protocols, and system log analysis
• Strong analytical skills with attention to detail in identifying patterns and anomalies
• Ability to communicate effectively with technical and non-technical audiences

Responsibilities

• Monitor and analyze security alerts from EDR platforms (Microsoft Defender, SentinelOne, CrowdStrike Falcon)
• Investigate and respond to incidents, including identifying Indicators of Compromise (IOCs) and Indicators of Attack (IOAs)
• Perform initial forensic analysis on logs, endpoints, and network data to assess potential threats
• Collaborate with senior analysts on the investigation and resolution of advanced threats
• Develop clear and concise incident reports for technical teams and business stakeholders
• Assist in maintaining and fine-tuning detection rules and security monitoring configurations
• Stay updated on emerging threats, vulnerabilities, and attack techniques
• Contribute to team documentation, playbooks, and processes to enhance operational efficiency

Preferred Qualifications

• CompTIA Security+
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• Experience working in Managed Detection and Response (MDR) environments
• Familiarity with scripting languages like Python or PowerShell to enhance investigative capabilities
• Exposure to network traffic and protocol analysis tools like Wireshark
• Strong organizational skills and the ability to manage multiple investigations simultaneously

Benefits

• 100% medical, dental, and vision coverage
• Flexible PTO
• Annual home office stipend and WeWork access
• Mental & physical health wellness programs like Headspace, Lumino, and more!
• Competitive compensation and opportunity for advancement