Detection Tuning & Optimization Analyst, COE

Who We Are

At Critical Start, we’re on a mission to make everyone a valued member of a winning team, united by an inspiring purpose: shaping the future of cybersecurity. Since 2012, we’ve been dedicated to safeguarding organizations from cyberattacks, preparing for evolving threats, and earning recognition for our innovative contributions to the industry.

We thrive in an agile, collaborative environment that fosters creativity and action. At Critical Start, innovation drives everything we do. We pioneered the first MOBILESOC app for on-the-go threat detection and response, automated alert resolutions to maximize efficiency, and cut alert investigation time by 99.3% - transforming the way cybersecurity teams work. Our team and customers genuinely value the impact we make every day.

Want to hear more from our team? Watch this video to gain insights into life at Critical Start or check out our Glassdoor reviews for an inside look.

What can we offer you?

• A chance to make an impact every day—whether protecting customers or contributing to a greater mission.
• Collaboration with talented, supportive teammates who value accountability and growth.
• A commitment to continuous improvement, striving for excellence, and breaking past mediocrity.
• A culture of learning, innovation, and inclusivity, where every idea matters.
• Recognition for being at the forefront of the industry—we’ve received accolades that prove we’re doing something right.
• A supportive environment where you belong and your contributions truly matter, as one team member put it: “Every day presents new challenges and opportunities for growth, and the culture is unlike any other.

Who You Are

We are seeking a Detection Tuning & Optimization Analyst to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. As an Analyst at Critical Start, your role is of utmost importance in the realm of identifying and responding to security alerts. You actively partake in configuring playbooks and event orchestration technologies. With your extensive knowledge of incident detection and response, you significantly contribute to reducing, resolving, and orchestrating events across numerous endpoints and SIEM (Security Information and Event Management) security products. 

On a day-to-day basis, you'll be responsible for reviewing and delving into alerts generated by security tools, distinguishing between true and false positives, and taking actions to address these detections. Collaboration is key as you'll work closely with teams ranging from the Security Operations Center, engineeering, Security Engineering, and Implementations/Onboarding to guarantee the customer is in an ideal state before they progress. 

What You Will Be Doing?

Incident Detection and Analysis: 

• Continuously monitor events generated by our array of security products to proactively identify potential incidents. 
• Perform a thorough analysis and investigation of security alerts and escalate to RSOC as needed for official investigation and response. 

Tuning and Alert Optimization:

• Conduct regular reviews of alerts to identify false positives and opportunities for reduction
• Analyze alert patterns and trends to optimize detection accuracy and efficiency
• Collaborate cross-functionally with automation and detection teams to implement necessary improvements
• Develop and maintain standardized orchestration processes for alert management
• Escalate potential false positives to relevant stakeholders, providing detailed analysis for informed decision-making
• Continuously refine alert criteria and thresholds to minimize noise while ensuring critical issues are captured
• Document and track alert optimization efforts, including rationale for changes and impact on system performance

Reporting and Documentation: 

• Adhere to existing internal documentation and processes, ensuring consistency in work output.
• Identify gaps or outdated information in documentation and proactively update as needed.
• Create new documentation for undocumented processes, maintaining quality standards.
• Continuously improve documentation to enhance team efficiency and knowledge sharing.

What You Will Bring?

Required Qualifications: 

• 3+ years of experience in a relevant security analyst role and the ability to successfully complete a new analyst training program. 
• Proficiency in written communication and a strong grasp of technical concepts. 
• Exceptional verbal communication skills and the ability to effectively communicate across different teams. 
• A solid understanding of SIEM tools, along with hands-on experience with EDR (Endpoint Detection & Response) and EPP (Endpoint Protection Platforms) solutions. 
• Competency in network and system security, threat detection, and incident response. 
• Outstanding problem-solving, critical thinking, and analytical abilities. 
• Capacity to work effectively under pressure in a fast-paced and ever-changing environment.

Desired Qualifications:

• Possession of relevant certifications like CompTIA Security+ or Certified Ethical Hacker (CEH) is advantageous. 

What It's Like Working Here

Imagine a dynamic, enjoyable, and rewarding work environment. We are professionals, and the work we do holds immense significance, like saving our customers from potential disasters. However, we believe in not taking ourselves too seriously. 

Prefer a casual dress code every day? No problem, as we find comfort enhances our thinking. 

What does our Compensation and Benefits package entail? 

• Competitive salary with bonus potential 
• Flexible PTO (Paid Time Off) policy 
• Depending on the role, you may work in the office, remotely, or adopt a hybrid work model.  
• And a new Tesla... just kidding! Kudos for making it to the end. 

Critical Start welcomes people from all backgrounds and walks of life. One of our core values is to “Do what’s best for our employees,” and that starts with the hiring process by finding the best candidates and providing an environment that upholds equal employment opportunities for all employees and applicants, strictly prohibiting any form of discrimination or harassment based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. 

This policy encompasses all aspects of employment, including recruitment, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. 

Mental and Physical Requirements 

It's important to note that specific physical and mental requirements may vary depending on the nature of the office job, organization, and individual responsibilities. 

Physical:  

• Stationary position for extended periods of time. 
• Constantly operate a computer.  
• Occasionally you may be required to move equipment or other items up to 20 lbs. 
• The ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these situations. 

Mental:  

• Must be able to apply established protocols in a timely manner. 
• Make timely decisions in the context of workflow. 
• Ability to complete tasks and perform in situations requiring speed deadlines, or productivity quota. 
• Ability to work effectively and efficiently in high stress situations. 
• Ability to simultaneously address multiple complex problems. 

How to Apply:  

Interested candidates are invited to visit our career site and apply for the position: https://www.criticalstart.com/careers/