Security Analyst jobs in Logan, UT

Company Overview: In a world where cyber threats are not just inevitable but continually evolving, Third Wave stands as a beacon of security and innovation. Headquartered in Frisco, TX, we’ve been pioneering cybersecurity and risk management solutions since our inception in 2017.

Our C4 Intelligence Platform is not just technology; it’s a commitment to safeguarding industries ranging from Healthcare, Energy, Oil & Gas, Retail, and Travel & Hospitality.

In this digital era, your peace of mind is our priority. Our approach combines cutting-edge technology with robust cybersecurity defenses, ensuring comprehensive protection for every aspect of your business. We don’t just respond to threats; we anticipate them.

Position Overview: As a Security Operations Center (SOC) Analyst Level 2, you will play a crucial role in monitoring, analyzing, and responding to security incidents to protect our clients infrastructure and data assets. Working closely with Tier 1 analysts and other cybersecurity professionals, you will investigate and mitigate security threats, provide expert guidance to our diverse clientele.

Key Responsibilities:

• Incident Detection and Analysis: Monitor security events and alerts using various security tools and technologies. Analyze and investigate potential security incidents to determine their nature, scope, and impact. Will act as primary escalation point for Tier 1.
• Incident Response: Execute predefined incident response procedures to contain and mitigate security breaches. Coordinate with relevant stakeholders to ensure swift resolution of incidents and minimize downtime.
• Threat Hunting: Proactively search for signs of advanced threats within the network environment. Utilize threat intelligence sources and advanced analytics to identify and neutralize potential security risks. Assist in threat signature implementation and tuning.
• Detection Engineering: Develop and maintain detection rules and algorithms to identify anomalous behavior and security threats across various data sources, including network traffic, logs, and endpoint telemetry. Conduct research on emerging threats, attack techniques, and security technologies to continuously improve detection capabilities and stay ahead of evolving threats.
• Security Tool Management: Manage and maintain security technologies such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), endpoint security solutions such as SentinelOne and Crowdstrike, and other relevant tools such as vulnerability management tools. Fine-tune configurations to optimize detection capabilities.
• Documentation and Reporting: Document incident details, analysis findings, and remediation actions taken for future reference and reporting purposes. Prepare comprehensive incident reports and contribute to ongoing security status updates. Lead in the development of playbooks for operational responses to security and cyber threats. Will report findings to customer as required.
• Collaboration and Knowledge Sharing: Work closely with Tier 1 analysts, SOC leadership, and other cybersecurity teams to share insights, best practices, and lessons learned. Participate in knowledge transfer sessions and training programs to enhance team capabilities.
• Continuous Improvement: Identify opportunities for process improvements, automation, and optimization within the SOC environment. Contribute to the development and implementation of new security policies, procedures, customer runbooks and controls. Participate in continuous training and improvement of our Tier 1 group.
• Shift Lead: Act as Shift Lead and first point of escalation for SOC Analysts and customers. Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring. Ensures standards and procedures for alerts are addressed with relevancy, accuracy and in a timely manner. Lead shift hand off meetings.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
• 3 years of experience in information security. (network, application, and systems) or related technology experience required.
• 2 years of experience in cybersecurity operations, preferably in a SOC environment as a Security Analyst L2.
• Strong understanding of network protocols, system administration, and cybersecurity principles.
• Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR). Preferable toolset will include SentinelOne, Crowdstrike, Elastic, Sumo Logic, Proofpoint Enterprise and Wiz.
• Hands-on experience with incident response techniques and methodologies.
• Hands-on experience using the ELK stack
• Relevant certifications such as CISSP, GIAC, or equivalent are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work effectively under pressure and in a fast-paced environment.

Benefits:

• Competitive salary package
• Health, dental, and vision insurance
• Retirement matching up to 4% for 401k
• Paid time off and holidays
• Professional development opportunities
• Dynamic and collaborative work environment

Requirements:

• On Call availability
• Shift work is required
• Lift more than 25 pounds
• On premise in Ogden, Utah

Job Type: Full-time

Pay: $95,000.00 - $120,000.00 per year

Benefits:

• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Parental leave
• Professional development assistance
• Retirement plan
• Vision insurance

Compensation package:

• Yearly pay

Experience level:

• 3 years

Schedule:

• 10 hour shift
• 12 hour shift
• Day shift
• Evening shift
• Holidays
• Night shift
• Overnight shift
• Weekends as needed

Application Question(s):

• Experience management security products such as SentinelONE, Crowdstrike, Tenable, Splunk, ELK Stack, Wiz, Proofpoint etc

Education:

• Bachelor's (Preferred)

Experience:

• Information security: 3 years (Required)
• SoC: 2 years (Required)

License/Certification:

• CompTIA Advanced Security Practitioner (Preferred)
• CISSP (Preferred)

Shift availability:

• Night Shift (Required)
• Overnight Shift (Required)

Ability to Commute:

• Ogden, UT (Required)

Ability to Relocate:

• Ogden, UT: Relocate before starting work (Required)

Work Location: In person