Senior Detection & Response Analyst

Sometimes just catching the nefarious actors just isn’t enough. As you continue sophisticated security incidents, you’ve developed a passion for getting to the root of things. You see the value in understand the real world tactics that Red Teams use during an engagement. When it comes to investigating attackers, you understand the importance of leaving no rock unturned. You stay cool in the trenches when fighting against attackers and make sure customers have no worries.

We need someone that is passionate about helping our customers understand what happened in their environment and how to prepare for it in the future. As attackers adapt, we remain flexible and think of new ways to investigate while working with engineers to develop accurate defensive strategy. The Senior position is one that leads by example of what it means to be a strong security professional and has a desire to help others develop in their career.

What Expel can do for you

• Deepen your investigative skills and expertise in responding to critical security incidents
• Exposure to advanced attacker techniques through real security incidents and Red Team engagements
• Provide opportunities to work on developing efficient SOC operational processes
• Lead technical training efforts and mentor others in their security career
• Chip in to a growing detection strategy and new security integrations

What you can do for Expel

• Serve as a lead incident handler during critical incidents
• Participate in our on call rotation
• Identify areas for improvement, and get hands-on with making that thing better
• Help us significantly impact the security of our customers' organizations
• Constantly experiment to find new ways of catching bad actors
• Mentor and up-level newer analysts - because teamwork makes the dream work!

What you should bring with you 

• A bachelor's degree in a technical field or a good (or creative) excuse
• Experience conducting incident response to high risk security incidents in enterprise environments 
• In depth understanding of incident remediation and resilience to contribute to strengthening our customers environments
• A fundamental understanding of TCP/IP and core application layer protocols
• Fluency with Windows operating systems and command line tools
• Familiarity with at least one major cloud infrastructure provider (such as AWS, Google Cloud Platform, Azure)
• Familiarity with cloud applications (O365, Okta, etc)
• Experience with tools used for forensic acquisition and analysis
• Familiarity with the attack lifecycle (or kill chain, if you prefer)
• If you've got offensive security and/or scripting skills, that's a plus

Additional notes

The targeted compensation range for this role is between: $73,500 and $106,600 + bonus & equity.

We believe in paying transparently and equitably. Your salary will ultimately be based on factors such as your experience, skills, team equity, and market data. You’ll also be eligible for unlimited PTO (which we model and encourage), work location flexibility, up to 24 weeks of parental leave, and really excellent health benefits.

Our headquarters is in Herndon, Virginia. However, we realize that while there is a benefit to in-person interaction, good people don’t all live in Northern Virginia. Remote work is an option for this role.

We're an Equal Opportunity Employer: You'll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

We’ll ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please let us know if you need accommodation of any kind.

#LI-Remote

Salary Range€73.500—€106.600 EUR