SOC Triage Analyst

Company Overview

ID.me is a high-growth enterprise software company that simplifies how people prove and share their identity online.  The company empowers people to control their data through a portable and trusted login, which means they don’t need to create a new password when visiting sites that have the ID.me button.  ID.me’s digital identity network has over 117 million registered members, and is used by fourteen federal agencies, agencies in 30 states and over 600 corporations for secure identity proofing and verification.

ID.me’s technology meets the federal standards for consumer authentication set by the Commerce Department and is approved as a NIST 800-63-3 IAL2 / AAL2 credential service provider by the Kantara Initiative. In addition to helping people control their credentials and data, the company’s “No Identity Left Behind” initiative strives to expand digital access and inclusion for all people. The company offers multiple pathways to identity verification – online self-serve, live video chat agents, and in person.  ID.me is passionate about building a robust identity network that does not compromise access for traditionally underserved groups.

ID.me has received numerous awards including Deloitte’s 2023 Technology Fast 500, Washington Business Journal’s Fastest Growing Companies, Entrepreneur Magazine’s 100 Brilliant Companies and Wall Street Journal’s Startup of the Year finalist.  In recent quarters, ID.me announced it raised $132 million in Series D funding, led by Viking Global Investors with participation from CapitalG, Morgan Stanley Counterpoint, FTV Capital, PSP Growth, Auctus Investment Group, Moonshots Capital, and Scout Ventures. ID.me’s most recent round brings the total investment in ID.me to over $275 million since its founding in 2010.

Role Overview
ID.me is seeking a skilled SOC Triage Analyst to join our rapidly growing security team. If you have a passion for cybersecurity and a desire to advance the digital identity ecosystem, this role offers a unique opportunity to contribute to our mission. The SOC Triage Analyst plays a pivotal role in executing processes that allow the organization to detect, analyze, and respond to cyber threats and security incidents. This role involves hands-on management of incident response, threat hunting, and forensic analysis, with a focus on maintaining the security and integrity of our digital environment. The ideal candidate will have a strong technical background, a keen eye for detail, and the ability to adapt to a fast-paced, dynamic environment.

Responsibilities

• Actively participate in incident response, including host and network-based forensic analysis, to support containment, eradication, recovery, and post-incident reviews.
• Detect, analyze, and respond to cyber threats and incidents using tools such as SIEM (e.g., Chronicle, Splunk), IDS/IPS, EDR, and firewalls.
• Proactively search for Indicators of Compromise (IOC) and Advanced Persistent Threat (APT) tactics, techniques, and procedures (TTPs) to identify potential security threats.
• Contribute to the development of threat detection signatures, analytics, and correlation rules to enhance our detection capabilities.
• Assist in projects related to security monitoring and incident response, providing technical expertise and leadership.
• Collaborate with Tier 2 and Tier 3 staff to detect, classify, and report incidents, ensuring alignment with Standard Operating Procedures (SOPs).
• Engage in threat intelligence activities, leveraging knowledge of adversary tactics and techniques to inform threat hunting and detection efforts.
• Maintain availability for 24x7 on-call rotation and ensure timely response to security incidents during standard EST business hours.

Required Qualifications

• 3+ years of experience in information security, with a strong focus on incident response and security monitoring.
• 2+ years of demonstrated experience in handling security incidents and responding to cyber threats.
• Proficient in leveraging SIEM tools (preferably Chronicle, Splunk) and other security technologies for threat detection and incident response.
• Solid understanding of cloud environments, particularly AWS, GCP, and/or Azure, and their associated security challenges.
• Experience with threat detection, threat hunting, and the use of threat intelligence to enhance security operations.
• Familiarity with investigations and forensics in MacOS and Linux environments.
• Strong knowledge of email security, network monitoring, and Data Loss Prevention (DLP) techniques.

Preferred Qualifications

• Industry security certifications, such as GCIA, GCIH, GCFA, Security+, or related credentials.
• Prior experience in combating fraud or supporting anti-fraud initiatives.
• Experience developing and implementing Standard Operating Procedures (SOPs) for security incident detection and response.

Ideal Candidate Will Thrive In Our Culture

• Demonstrates a strong passion for security and a commitment to protecting digital identities.
• Adapts well to changing priorities and can shift gears quickly in a fast-paced environment.
• Exhibits excellent oral and written communication skills, with the ability to effectively convey complex security issues.
• Works well within a team, but is also self-driven and capable of managing tasks independently.
• Shows a continuous desire for learning and professional development, staying updated with the latest trends in cybersecurity.

The annual base salary listed below for this role is based on experience, skills, education, relevant training and geographic location. Company bonus, incentive for sales roles, equity, and benefits are available depending on the role.

ID.me offers comprehensive medical, dental, vision, health savings account, flexible spending accounts (medical, limited purpose, dependent care, commuter benefit accounts), basic and voluntary life and AD&D insurance, 401(k) with company match, parental leave, ability to participate in unlimited paid time off subject to the terms and conditions of the PTO policy, including 8 company wide holidays, short and long-term disability insurance, accident and critical illness insurance, referral bonus policy, employee assistance program, pet insurance, travel assistant program, wellbeing and childcare discounts, benefit advocates, and a learning and development benefit.

The above represents the anticipated total rewards package for this job requisition. Final offers may vary from the amount listed based on qualifications, professional experiences, skills, education, relevant training, geographic location, and other job related factors.

ID.me maintains a work environment free from discrimination, where employees are treated with dignity and respect. All ID.me employees share in the responsibility for fulfilling our commitment to equal employment opportunity. ID.me does not discriminate against any employee or applicant on the basis of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. ID.me adheres to these principles in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, social and recreational programs, and discipline. In addition, ID.me's policy is to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations and ordinances where a particular employee works. Upon request we will provide you with more information about such accommodations.

Please review our Privacy Policy, including our CCPA policy, at id.me/privacy. If you provide ID.me with any personally identifiable information you confirm that you have read and agree to be bound by the terms and conditions set out in our Privacy Policy.

ID.me participates in E-Verify.