Senior Security Analyst - SOC Operations
Canada
Cyderes
Cyderes delivers proactive managed cybersecurity services, identity, and professional services to help enterprises stay ahead of threats and gain control of cyber risk. Be everyday ready.About the Job: The Managed Services Senior Security Analyst is responsible for security solutions for clients. The Senior Security Analyst will demonstrate the capacity to consistently meet and exceed client expectations representing and reinforcing the Cyderes brand through positive interaction with other teams within the company. Perform deep dive investigations into security threats, understand and implement MITRE mapping to identify customers current security posture.
Responsibilities:
- Provide overall guidance, instruction, mentorship, and leadership to other Security Analysts
- Perform triage and advanced analysis tasks across endpoint, server, and network infrastructure.
- Perform Threat Hunting on customer networks to detect, isolate threats and provide recommendations.
- Provide proactive security investigation and searches on client environment to detect malicious activities.
- Coordinate Incident investigations and deep dive analysis on detected threats.
- Understand and identify indicators of attack and compromise in alerts, by hunting through data, and from review of investigation notes.
- Have full understanding of the MITRE ATT&CK framework. Mapping clients use cases to tactics and techniques.
- Update documentation and runbooks to ensure repeatable analysis.
- Actively participate in an after-hours on-call rotation as Incident Controller
- Scope customer security incidents
- Document, communicate recommendations and guidelines based on results of analysis.
- Analyze, review, and provide raw log data for more insight into escalations through SIEM.
- Communicate effectively orally and in writing.
- Maintain current knowledge and understanding of threat landscape.
Requirements:
- 5 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.
- System Administration experience (Windows, Unix/Linux, Mac)
- Advanced understanding of networking concepts and ability to analyze network artifacts.
- Demonstrate experience in using Endpoint Detection and Response software (Sentinel1, Crowdstrike, Defender ETC.)
- Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM Qradar, Chronicle etc.)
- Possess at least one industry certification Sec+, CEH, SANS Certification (e.g. GCIH, GCIA, GSEC, GMON), OSCP etc. or working towards a related certification.
- Prior knowledge of SOAR platform such as Siemplify, Forti soar etc.
- Expert-level Analysis of security events
- Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash, etc.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Bash CEH CrowdStrike Cyber defense EDR GCIA GCIH GSEC IAM JavaScript Linux MITRE ATT&CK OSCP PowerShell Python QRadar SANS Scripting Sentinel SIEM SOAR SOC Splunk UNIX Windows
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.