What are the responsibilities and job description for the Cyber Security Analyst position at Vigilant LLC?
Security Analyst
Vigilant is hiring a Security Analyst to join our Security Services team. In this position you will serve as our first line of response, assessing information security events and incidents across Vigilant's client environments. You will collaborate and use problem-solving skills as part of a team of skilled analysts to address complex problems and add value to the organization and our clients. Security Analysts are also responsible for delivering regularly scheduled security briefings to our clients.
Vigilant is on a mission to protect and defend our customers, enable better risk-informed business decisions, and drive innovation and excellence within Cyber Security. Come be a part of a growing team that is doing important, challenging, and fulfilling work in support of that mission.
Primary Responsibilities
- The SOC Analyst provides incident detection and response services for our CyberDNA managed Network Security Monitoring service. This role performs and participates in proactive hunts to identify anomalous activity indicative of active compromise, previous compromise, misconfigurations, or other notable observations to support the protection of our customers' environments
- When not hunting, this role triages and investigates alerts generated from multiple detection technologies and takes the necessary action to identify, scope, and guide customers to a rapid and successful remediation
- You will use your knowledge of Information Security to monitor SIEM and logging environments for security events and alerts indicating potential (or active) threats, intrusions, and/or compromises
- You will work to understand the global threat landscape by working with the Vigilant Cyber Threat Intelligence team to maintain awareness
- You will assist with containment of threats and remediation of the environment during or after an incident
- You will leverage your knowledge to write comprehensive reports of incident investigations
- Engage with other teams to ensure detections are working as intended
- Provide feedback to the Threat Detection team regarding the logic of existing detections to reduce false-positive rates, and align them more consistently with their intent
- Ensure that security-relevant data is flowing to appropriate systems
- Collaborate across teams for training, development opportunities, and service improvement
- Ensure that documentation, workflows and processes remain accurate and up-to-date
Minimum Requirements
- Expert at analyzing and dissecting PCAP data to validate security events, interpret network traffic, and extract indicators
- Skilled with data collection, log analysis tools, pattern recognition, and managing dashboards
- Baseline knowledge of network protocols, network analysis tools, and general network architecture
- You have a passion for learning
- You possess a demonstrated ability to speak with people with varying levels of knowledge of IT Security concepts and can tailor your message to the audience
- Excellent interpersonal skills and the ability to see things through the customer's eyes
- Tremendous attention to detail
- Eligible to work in the United States without company sponsorship
- Bachelor's degree in computer science, information security, or a related discipline, or equivalent work experience, is required
Preferred Qualifications
- Prior SOC/CSIRT experience in a 24x7 watch desk environment preferred
- Experience using industry-standard EDR tools and platforms, including SentinelOne, Carbon Black, CrowdStrike, and Defender ATP
- Strong knowledge of attacker tools, malware families, and known threat actor/group TTPs
- You have a deep understanding of Incident Response frameworks and root cause analysis
- Capability to look at a process and identify opportunities for cycle-time reduction
- Experience hunting for unknown threats, as well as tracking existing campaigns and adversaries
- Experience providing managed NSM services to multiple customers is a plus
- Hands-on experience with firewalls, routers, and other security appliances
This role uses a flex schedule that may involve non-traditional working hours and after-hours on-call as needed. You must be able to work from a Vigilant office (Cincinnati, OH) or remotely from a home office, depending on your skills and experience. This position is open only to US citizens physically residing in the US; any offer of employment is contingent upon background, drug screen, and reference checks.
The above statements describe the general nature and level of work being performed by individuals assigned to this classification. This is not intended to be an exhaustive list of all responsibilities and duties required of personnel so classified.
Salary: $79,000 - $100,000