Security Analyst

About the role

Join At-Bay, a leading cybersecurity company, as a Security Analyst. In this role, you will provide first-line security monitoring services to our Managed Detection & Response customers. Your responsibilities will include operating and tuning security monitoring tools, identifying and analyzing anomalous activity, triaging event data, escalating potentially malicious activity, participating in incident investigation, and developing and maintaining customer relationships. You will also have the opportunity to work in a hybrid or flexible remote environment, receive comprehensive benefits, and participate in various team events and outings. Key missions: Operation and tuning of security monitoring tools, including Endpoint Detection & Response (EDR), network monitoring, email security, Data Loss Prevention (DLP), Security Information and Event Management (SIEM), and security automation tools.. Identification and analysis of anomalous activity in customer technology environments, triage of event data to identify potential indicators of compromise, and escalation of potentially malicious activity.. Participation in incident investigation, containment, remediation, and recovery activities, and developing and maintaining customer relationships to facilitate delivery of Managed Detection & Response (MDR) services. Profile: - Security monitoring using a variety of endpoint and network tools - Deployment, tuning, and operation of SIEM or other tools used to aggregate and analyze security-relevant data - Previous EDR, MDR, XDR, security monitoring, or incident response experience - Intrusion detection / cyber threat hunting - Willingness to travel as needed to perform job functions - Malware analysis - Development and analysis of cyber threat intelligence - Minimum of 2 years of experience in cybersecurity operations, incident response, or another security discipline - Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.) - Previous hands-on experience performing security operations including several of the following: - Performing rapid response to contain and/or remediate potentially malicious activity - Deployment, tuning, and operation of security tools from vendors such as CrowdStrike, SentinelOne, and others - Bachelor’s degree or equivalent - Strong oral and written communications skills - Triage and analysis of potential indicators of compromise - Participation in investigations involving digital evidence - Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity - One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.) - Preferred candidates will have a mix of cybersecurity experience including either security operations or security engineering / architecture - Knowledge of cloud environments including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google)