Careers | Posted Positions

Cyber Security Analyst III

July 24, 2020Careers

Cyber Security Analyst III

Company Overview

PacketWatch is a privately-owned boutique cybersecurity consulting firm that delivers enterprise-class security services to identify, detect, and respond to cyber-threats that have circumvented traditional information security controls. Our experienced consultants, threat hunters, forensic experts, and cyber security analysts help organizations gain confidence in their security posture with assessment, managed security, and incident response services. The team uses a proprietary full-packet-capture network monitoring, analysis, and investigation platform to improve the visibility of network anomalies, enrich cases with intelligence, and resolve complex incidents quickly. 

Responsibilities

As a senior member of the Service Delivery Team, the Cyber Security Analyst III is an expert in hunting, triaging, analyzing, and investigating potential security incidents and threats across our diverse client base. Major duties include leading complex security incidents and investigations, client onboarding activities, conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations, utilize PacketWatch and 3rd-party endpoint detection and response technologies to conduct large-scale investigations and examine endpoint and network-based sources of evidence, recognize and codify attacker TTPs (tools, tactics, and procedures) and IOCs (indicators of compromise) for application to concurrent or future investigations; build scripts, queries or methodologies to facilitate incident investigation processes; develop and present readable yet comprehensive and accurate reports and presentations for both technical and executive audiences; and work with clients’ security and IT operations teams to implement remediation plans in response to incidents. The Cyber Security Analyst (III) works closely with other less experienced analysts to investigate complex or advanced incidents proactively and identify threats, vulnerabilities, and exploits (threat analysis, threat hunting, intrusion analysis).

Requirements / Profile

The ideal candidate will:

  • Be passionate about cyber security, finding threats, identifying new detection techniques, and providing excellent client support and satisfaction;
  • Enjoy the details of day-to-day tactical execution of threat hunting, intrusion analysis, and incident response;
  • Be a self-driven, team-oriented, and highly motivated technology professional familiar with appropriate experience in endpoint security analysis, network security monitoring (NSM), Security Incident and Event Management (SIEM) systems, next-generation security devices, forensics, and incident response;
  • Possessing deep technical knowledge and a sense of urgency, able to interact extensively with clients and partners using a confident tone and professional etiquette;
  • Able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage multiple client-facing projects, and help to train/mentor other security consultants;
  • Possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines;
  • Take responsibility for customer satisfaction and overall success of IR/MDR services;
  • Be available, ready, and able to accept incoming calls, respond in a timely manner to client requests and security events, adhere to policies, procedures, and security best practices;
  • Document actions and effectively communicate information internally and to customers; and
  • Develop improvements for operational playbooks, tools, detection capabilities, workflows, and train and mentor fellow security engineers and security analysts.

Qualifications for Success

  • Bachelor’s Degree (or equivalent experience) with 5 or more years technical experience
  • Experience with at least three of the following:
    • Windows disk and memory forensics;
    • Network security monitoring, network traffic analysis, and log analysis;
    • OSX or Linux disk and memory forensics;
    • Static and dynamic malware analysis;
    • Thorough understanding of enterprise security controls in Active Directory/Windows environments;
    • Cloud (AWS, Azure, M365) security controls, logs, tools, and forensics; or
    • Experience building scripts, tools, or methodologies to enhance investigation processes
  • Additional Qualifications:
    • Effectively solving problems, communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients;
    • Effectively develop documentation and explain technical details in a concise, understandable manner;
    • Strong time management skills to balance time among multiple tasks, and lead junior staff when required; and
    • Must be able to work in the US without sponsorship

Location

Scottsdale, Arizona, United States

Apply

Send your resume and cover letter for this Cyber Security Analyst III position to careers@packetwatch.com