Lead Cybersecurity Analyst

About The Position

Requirements

• 5+ years in cybersecurity and 3+ years in Azure cloud-native environments
• Advanced understanding of incident response and investigations
• Experience monitoring a SIEM or equivalent, investigating incidents, and utilizing threat intelligence to enhance detections
• Advanced log analysis (KQL)
• Experience analyzing network traffic (packets) and investigating phishing and business email compromise
• Self-motivated, enthusiastic, detail oriented, skilled in intelligent multi-tasking, and adaptable
• Able to evaluate risk and make risk-based recommendations for escalation or de-prioritization of remediation/mitigation efforts.
• Exceptional written and verbal communication

Nice To Haves

• Microsoft 365 including Office 365 security experience
• Container security experience (Docker, Kubernetes, etc)
• Powershell experience
• Security (e.g. CySA+, CISSP, GIAC, etc.) or Cloud Certifications (e.g. Azure, CCSP)

Responsibilities

• Perform security monitoring and analysis to detect and investigate security indcidents
• Manage and tune our SIEM, including rule/detection creation
• Build out automations to create efficiencies across the security operations function, especially at the triage level.
• Work with internal and external teams to determine the impact caused by detected intrusions, identify how an intrusion occurred, perform root cause analysis, and assist in recovery efforts
• Act as a SME for security operations initiatives that contribute to greater visibility, improved processes, and maximum value from our toolset
• Provide reporting to help management understand current risk levels
• Develop and maintain metrics that matter and communicate those through dashboards and reporting to leadership
• Create and maintain IR playbooks
• Act as incident commander during incidents and lead incident response tabletop exercises
• Review data from various sources and assess cyber intelligence to support in-depth analysis of various threats
• Support compliance and audit requirements related to security operations
• Identify and improve upon process and technology gaps within the incident response program and security posture overall
• Partner with other teams to continue to mature security across the organization
• Take on additional assignments aligned with organizational priorities
• Availability to be on call every other week to address critical alerts

Benefits

• 100% remote
• Health insurance through Aetna (we pay 100% of premiums)
• Dental and vision insurance through Guardian (we pay 100% of premiums)
• Basic life insurance (we pay 100% of premiums)
• Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
• 401K plan (up 4% match with immediate vest). Must be 21 years of age or older to participate
• Flexible PTO policy offering up to 3 weeks of time off to support onboarding and integration during the first twelve months of employment. After the first year of employment and effective as of the anniversary date, eligibility transitions to up to 4 to 5 weeks of time off annually to recharge and sustain long-term success.
• 12 company-paid holidays each year
• Continuing education annual stipend
• Annual salary estimated between $130,000-$140,000 based on national data. Candidates who meet all the minimum requirements and possess additional relevant experience, as outlined in the job description, may be considered for a salary above the midpoint of the above range. Salary is based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; degrees or certifications, etc.