GCDT Analyst

About The Position

Requirements

• Familiarity with Application Security
• Familiarity with Attack Frameworks
• Familiarity with Cloud Platform Security
• Familiarity with Container Security
• Familiarity with Database Security
• Familiarity with Email Security
• Familiarity with Endpoint Security
• Familiarity with Incident Response Frameworks
• Familiarity with Incident Response Activities
• Familiarity with Network Security
• Familiarity with Social Engineering Techniques
• Fundamental knowledge of Endpoint Detection & Response (EDR) Tooling
• Fundamental knowledge of Log Analysis
• Fundamental knowledge of Security Information & Event Management (SIEM) Tooling

Responsibilities

• Assist in the development of processes and procedures to help improve detection and response capabilities
• Assist with building out SOAR capabilities
• Create and test Celonis Defense Procedures and IR Playbooks
• Create Detection Use Cases
• Document relevant incident information into the case management system, detailing the critical data for each incident to develop a historical record
• Monitor the environment, SIEM, and other internal security tools for compliance violations, anomalous behavior, and potential attacks to respond to possible threats to the organization
• Participate in shift turn over meetings between outgoing and incoming teams globally to pass along critical information and ensure any open cases are effectively transitioned
• Perform initial analysis of all new alerts generated by correlation/alerting tools in addition to other external sources that will feed into the SIEM system and other security monitoring tools
• Participate in on-call rotation

Benefits

• Generous PTO
• Hybrid working options
• Company equity (RSUs)
• Comprehensive benefits
• Extensive parental leave
• Dedicated volunteer days
• Access to resources such as gym subsidies, counseling, and well-being programs