Security Analyst II (Weekday Afternoons)
About The Position
Deepwatch is a leader in managed security services, dedicated to protecting organizations from cyber threats 24/7/365. Leveraging its cloud-based security operations platform, Deepwatch offers rapid and comprehensive detection and automated response to cyber threats, coupled with expert guidance to mitigate risk and enhance security posture. The company serves hundreds of organizations, from Fortune 100 to mid-sized enterprises. Deepwatch fosters a culture of excellence, driven by core values, and is committed to empowering team members through professional development. The Security Analyst II role is for a highly motivated, self-driven technical analyst focused on global security. The Deepwatch Security Operations Center provides opportunities to expand skill sets through real-time incident detection and response, supporting customers by understanding their unique environments and challenges, and collaborating with industry-leading responders.
Requirements
- Experience as an analyst in Security Operations Center
- Have a strong understanding of cyber security principles, concepts and practices including the ability to perform a complete and thorough incident investigation and triage with limited support
- Know your way around SIEM platforms (Splunk required), how to perform queries and leverage various log sources to perform investigations
- Competency with in-depth header analysis, hashes and Windows/macOS/Linux logs
- Demonstrate the ability to pivot to other log sources, cloud systems or consoles to perform a comprehensive analysis from multiple data sources
- Have a basic understanding of modern EDR, email security and cloud identity platforms
- A desire to support others and uplift the program and team through updating training materials and SOPs
- Strong written and verbal communication skills including the ability to compose detailed reports and analysis that’s thorough, accurate and complete
- Experience with ticketing systems
Nice To Haves
- MSSP environment preferred
- Google SecOps or Microsoft Sentinel preferred
- ServiceNow preferred
- Sec+, CySA, CEH, GSEC, or equivalent certification preferred
Responsibilities
- Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS
- Provide in depth analysis from escalated requests originating from Security Analyst 1
- Validate suspicious events by performing investigations using SIEM and SOAR technologies, leveraging Deepwatch proprietary tooling, intelligence and OSINT, TTPs and IOCs
- Identify gaps in customer environments, data ingested or configuration errors which reduce telemetry quality
- Work with customer and leadership to surface and resolve concerns
- Provide support to Security Analyst I including coaching and training as necessary
- Leverage your knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall customer success
- Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner
- Surface opportunities for improvement in the SOC and for the customer and be a change agent for measurably improving our customer security posture and experience
- Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program
Benefits
- Medical, dental, vision, and disability insurance
- Flexible Time Off (FTO)
- 12 company holidays
- sick leave
- 8-Weeks Paid Parental Leave
- Unique professional development benefits with Annual “development dollars” to support our people growth and development
- Wellness contests and monthly educational programs
- 401(K) retirement program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
101-250 employees
