Principal Security Operations Analyst- West Coast

About The Position

Requirements

• 6+ years experience in a SOC, Incident Response, or Forensics role
• Ability to explain possible complex alerts/events in a non-complex way, both written and verbal
• Proven mentoring experience and skills to junior team members, helping them to grow individually and as a team
• Understanding of Malware Analysis (Configuration of isolated Malware Analysis VM, Identification of File Formats, Basic Static & Dynamic analysis)
• Demonstrated experience with Windows, Linux and/or macOS as an attack surface
• Strong understanding and experience with Threat Actor Tools and techniques: (MITRE ATT&CK Framework, PowerShell & Command Prompt Terminals, WMIC, Scheduled Tasks, SCM, Windows Domain and host Enumeration Techniques, Basic Lateral Movement Techniques, Basic Persistence Mechanisms, Basic Defense Evasion Techniques, other offensive/Red Team TTPs)
• Strong experience with Windows Administration or Enterprise Domain Administration and upkeep (Active Directory, Group Policy, PowerShell, Windows Server Update Service, and Domain Trusts)
• Strong experience with M365/Cloud attack techniques
• Demonstrated equivalent of self-guided study experience or Bachelor’s degree in Information Technology, Computer Science, System Administration, or cybersecurity

Nice To Haves

• Experience with scripting languages (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby)
• Demonstrated experience on platforms like HackTheBox, TryHackMe, Blue Team Labs Online, etc.
• Participation in cybersecurity competitions such as Capture the Flag, the Collegiate Cyber Defense Competition, etc.
• Familiarity with MSP tools such as RMMs
• Previous experience in an MSP/MSSP/MDR role

Responsibilities

• Function as the lead liaison between the SOC and other Product and Research teams
• Help build automation to help reduce the workload on the SOC
• Own and complete investigative objectives associated with multi-host intrusions without assistance
• Triage, investigate, and respond to alerts coming in from the Huntress platform
• Perform tactical forensic timelining and analysis to determine the root cause of attacks, where possible, and provide remediations needed to remove the threat
• Understand and perform advanced malware analysis as part of investigating systems and identities
• Investigate suspicious Microsoft M365 activity and provide appropriate remediations
• Assist in escalations from the product support team for threat-related and SOC-relevant questions
• Assist our SOC Support team by engaging with customers via video/phone to explain or describe activity observed by the SOC when needed
• Contribute to detection efforts by helping to create or request net new detections, as well as tuning current detections
• Provide technical mentorship to more junior team members
• Contribute regularly to external-facing Huntress content such as blogs, webinars, presentations, and speaking engagements

Benefits

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth