This role is a Tier 2 Analyst and requires experience in threat response. Duties and responsibilities include:
· Formalize and deliver security product tuning requests to improve detection capabilities and overall efficiency.
· Develop and maintain incident response use cases, knowledge base articles, and other relevant documentation.
· Coordinate basic forensics activities as needed.
· Conduct after action reviews on high impact and otherwise noteworthy incidents to identify process and human capital improvements.
· Aid in onboarding and mentoring new team members.
· Drive and implement continuous improvement, open communication, and sharing of knowledge.
· Assist with creation, review, and upkeep of internal documentation.
· Facilitate reasonable out-of-hours communications such as company email and occasional SOC operations related phone calls to resolve escalated issues.
· Actively influence team collaboration, cross-training, and documentation.
· Act as a primary subject matter expert for one or more security products.
· Act as initial escalation point for complicated or sensitive work.
· Identify and act on opportunities to automate repetitive tasks.
· Proactively propose improvements for how to reduce risk and potential future incidents.
· Maintain a high level of expertise with the products in use and the ability to quickly familiarize with related technologies.
What it takes to be successful:
· Bachelor’s degree in related field and/or equivalent work experience
· Certified in one or more intermediate-level security certifications.
· 3 years’ experience performing similar duties.
· Ability to work in an operational/shift-based environment with flexible working hours to include evenings and weekends.
· Demonstrated experience with the security industry including an understanding of best practices, risk mitigation, and compliance frameworks.
· Able to function effectively in high stakes and high stress situations.
· Legally capable of working in the US, EU, or APAC regions as designated.
· Passionate about cybersecurity and self-driven to continue to learn/develop relevant skillsets as well as maintain industry specific certifications.
· Ability to quickly find answers to questions referencing manuals and/or Internet resources.
· Fluent in English in both writing and speech (i.e. writing, reading, speaking, and understanding), with the ability to effectively communicate complex security concepts to end customers.