What are the responsibilities and job description for the Cyber Threat Defense Analyst position at Recruiting From Scratch?
Who is Recruiting from Scratch:
Recruiting from Scratch is a premier talent firm that focuses on placing the best product managers, software, and hardware talent at innovative companies. Our team is 100% remote and we work with teams across the United States to help them hire. We work with companies funded by the best investors including Sequoia Capital, Lightspeed Ventures, Tiger Global Management, A16Z, Accel, DFJ, and more.
If you are a fit, the team will reach out to you about this role or any others that may be a fit for our clients.
Our Client
We're a global financial group providing clients with asset management, retail and business banking, wealth management, leasing and asset financing, market access, commodity trading, renewables development, specialist advisory, capital raising and principal investment.
Join our Cyber Threat Incident Response (CTIR) team based in our Houston office as a Cyber Threat Defense Analyst. In this role, you will be working alongside a diverse team in multiple offices around the globe and be responsible for detecting, identifying, triaging, and mitigating threats and risks in our global cyber environment. You will also act to ensure that our digital estate is protected from threats both known and unknown.
Your first-class technical skills are required to continuously identify, assess, and manage threats relative to the corporate risk appetite by leveraging technology and your experience to analyze data. Experience in log aggregation and analysis will be crucial in detecting and triaging potential or active security incidents.
Your understanding of cyber threat as a function of human motivation, combined with your experience in actively detecting and defending against that threat utilizing a combination of standard cyber tools and your own system/platform/network knowledge, will be highly beneficial in this role alongside your similarly skilled and experienced peers.
As part of our global 24x7 defense methodology, this role provides coverage of weekend days (Saturday and Sunday) in-region. Analyst schedules will adjust to cover weekends once training has been completed and will be supported by senior on-call analysts.
Role- and level-specific training is provided along with ongoing and annual training for each analyst as part of the team development plan, understanding that actor methodologies are constantly advancing, so our analysts must evolve to stay ahead of our adversaries.
To be successful in this role you must have a minimum of 1 to 2 years of related security experience in enterprise environments. A strong understanding of security technology and defense topologies is imperative to be successful in this role.
What is the job?
- Triage active alerts and campaigns for potential systemic threats to our global business
- Proactively seek out suspicious activity and threats within the environment, and act appropriately to contain and mitigate them
- Perform real-time detection, analysis, and response to threats via an EDR tool
- Analyze attacks and trends facing the organization and industry to better define proactive defensive measures
- Track, provide, and present analysis into observed attacks
- Take proactive actions to have observed brand-impersonating and malicious sites removed
- Review processes, defense plane, technologies, and alerts in search of improvement
What the ideal candidate should know/have experience with:
- Splunk or other large log aggregation system
- An endpoint detection and response (EDR) platform
- Email gateway security controls
- Analyzing emails (e.g., reading and understanding email headers, infrastructure)
- Analytical mindset
- Offensive Security/Adversarial mindset
- Familiarity with various network or cloud architectures
- Identity and Access Management (IAM)
- User and Entity Behavior Analytics (UBA/UEBA)
Location: Hybrid in Houston, TX (2 days a week in office). We offer relocation assistance.
Base Salary: $95K - $120k