Security Analyst (Hybrid in Philadelphia, PA) - Mid-Atlantic region

About The Position

Requirements

• Familiarity with CrowdStrike for investigations, ability to create and run CrowdStrike queries
• Familiarity with creating Dashboards in Falcon Console
• Familiarity with other parts of the Crowdstrike Suite including Falcon Complete MDR console
• Advise new users on best practices for investigations leveraging NG-SIEM
• Understanding of Indicators of Compromise (IOCs)
• Deep understanding of TCP/IP, DNS, DHCP, and similar protocols.
• Knowledge of endpoint detection and response (EDR) tools
• Experience with anti-virus and malware analysis
• Familiarity with MITRE ATT&CK and other similar incident response frameworks
• Basic proficiency in scripting languages (Python, Bash, PowerShell)
• Use regular expressions (regex) for data parsing.
• Understand the importance of vulnerability management and scanning
• Familiarity with cloud security practices and tools (AWS GuardDuty, Microsoft Defender for Cloud).
• Strong critical thinking and problem-solving skillset
• Ability to analyze complex situations and make informed decisions under pressure.
• Strong verbal and written communication skills for documenting incidents and collaborating with teams.
• Ability to convey technical concepts to non-technical stakeholders.
• Keen observational skills to spot anomalies and patterns.
• Willingness to collaborate with other analysts, IT teams, and external stakeholders.
• Calm and flexible in fast-paced, high-pressure environments.
• Understanding of threat actor tactics, techniques, and procedures (TTPs).
• Familiarity and knowledge of emerging threats and vulnerabilities and have the means to obtain relevant information for threat investigations.
• Previous experience in a SOC or similar role required.
• Experience with managing real-world incidents.

Nice To Haves

• CrowdStrike Certified SIEM Analyst (CCSA)
• CrowdStrike Certified Falcon Responder (CCFR)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)

Responsibilities

• Analyze network traffic and identify anomalies.
• Hands-on experience in triage, containment, and threat eradication.
• Analyze and monitor logs and formulate potential attack theories using analytical skills for scenarios
• Interpret logs from systems such as servers, firewalls, and applications.
• Identify patterns and detect threats using log correlation across cybersecurity tools

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option