Associate Security Analyst

About The Position

Requirements

• Studying (or completed studies) in the field of Software, Engineering, Computer Science or another related field.
• Knowledge of security concepts of threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, etc.).
• Knowledge of Cloud Security (AWS and Azure), M365 Security tools or eagerness to learn.
• Knowledge of SIEM solutions & their querying languages (Sentinel, Splunk, Elastic etc.), or the ability to learn quickly.
• Knowledge of networking protocols (SMTP, HTTP, HTTPS, FTP, DNS, DHCP, etc.).
• Knowledge of Java, Python, consuming APIs, or the ability to learn them quickly.
• Knowledge of System administration skills, web programming languages, or ability to learn.

Nice To Haves

• Possess an entrepreneurial spirit and continuously innovate to achieve great results.
• Communicate with honesty and kindness and create the space for others to do the same.
• Lead with courage, knowing the possibility of greatness is bigger than the fear of failure.
• Foster connection by putting people first and building trusting relationships.
• Integrate fun and joy as a way of being and working.

Responsibilities

• Triages alerts/incidents and performs deep analysis; correlates with threat intelligence tools, tactics and procedures (TTP) in indicators of compromise (IOCs) to identify the threat actor, nature of the attack, and systems or data affected.
• Prioritizes and triages alerts or issues to determine whether a real security incident is taking place and escalates incidents to Tier 2 if remediation cannot be closed within designated SLA.
• Performs analysis, triage and remediation of low priority alerts following SOPs/playbooks.
• Analyzes logs, network traffic, and other data sources to identify the source of incidents.
• Records identified vulnerabilities, creates remediation tickets and tracks their status.
• Recommends detection and automation processes to enhance detection and response capabilities.
• Adjusts security tools and processes, e.g. EDR alerting modifications, updating detection rules conditions, etc.

Benefits

• Extended health and dental benefits, and mental health plans
• Paid time off
• Savings and retirement plan matching
• Generous employee discount
• Fitness & yoga classes
• Parenthood top-up
• Extensive catalog of development course offerings
• People networks, mentorship programs, and leadership series