PacketWatch is seeking an experienced Cyber Security Analyst II to join our team.
Cyber Security Analyst II Responsibilities
As a senior member of the Service Delivery Team, the Cyber Security Analyst II is well-versed in hunting, triaging, analyzing, and investigating potential security incidents and threats across our diverse client base.
Major duties include:
Leading complex security incidents and investigations
Client onboarding activities
Conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
Utilizing PacketWatch and third-party endpoint detection and response (EDR) technologies to conduct large-scale investigations and examine endpoint and network-based sources of evidence
Recognizing and codifying attacker TTPs (tools, tactics, and procedures) and IOCs (indicators of compromise) for application to concurrent or future investigations
Building scripts, queries, or methodologies to facilitate incident investigation processes
Developing and presenting readable yet comprehensive and accurate reports and presentations for both technical and executive audiences
Working with clients' security and IT operations teams to implement remediation plans in response to incidents
The Cyber Security Analyst II works closely with the Team Leader and other less experienced analysts to proactively investigate complex or advanced incidents and identify threats, vulnerabilities, and exploits (threat analysis, threat hunting, intrusion analysis).
Cyber Security Analyst II Profile
The ideal candidate will:
Be passionate about cyber security, finding threats, identifying new detection techniques, and providing excellent client support and satisfaction;
Enjoy the details of day-to-day tactical execution of threat hunting, intrusion analysis, and incident response;
Be a self-driven, team-oriented, and highly motivated technology professional with appropriate experience in endpoint security analysis, network security monitoring (NSM), Security Incident and Event Management (SIEM) systems, next-generation security devices, forensics, and incident response;
Possess deep technical knowledge and a sense of urgency, able to interact extensively with clients and partners using a confident tone and professional etiquette;
Be able to see the big picture, understand evolving attacker behavior and motivations, participate in and manage multiple client-facing projects, and help to train and mentor other security consultants;
Possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines;
Take responsibility for customer satisfaction and overall success of IR/MDR services;
Be available, ready, and able to accept incoming work, respond in a timely manner to client requests and security events, adhere to policies, procedures, and security best practices;
Document actions and effectively communicate information internally and to customers; and
Develop improvements for operational playbooks, tools, detection capabilities, workflows, and train and mentor fellow security engineers and security analysts.
Cyber Security Analyst II Requirements
Bachelor's Degree (or equivalent experience) with 3 or more years of technical experience
Core Skills Required:
Network security monitoring;
Network traffic/packet analysis;
Log analysis (Firewall, VPN, Windows event logs);
Thorough understanding of Enterprise security controls and best practices in a Microsoft Active Directory environment.
Additional Related Skills:
Strong knowledge of Windows command line tools;
Experience with Windows disk and memory forensics;
Linux or OSX disk and memory forensics;
Cloud (AWS, Azure, M365) security controls, logs, tools, and forensics; and
Experience with Python and/or PowerShell scripting environments and task automation.
Must be able to work in the US without sponsorship
PacketWatch Employee Benefits
Medical, Dental, Vision, and Life Insurance policies
Paid Time Off (PTO) and 10 Paid Holidays
Opportunities for career development (continuing education and certifications)