Job Type
Full-time
Description
Who We Are
Guided by our Core Values, deepwatch is securing the digital economy by tenaciously protecting enterprise networks - everywhere, everyday. Our team, many of the most technically astute minds in cybersecurity, serves an impressive list of Fortune 500/Global 2000 companies. Our success is driven by our unique IP, Cloud SecOps platform and strategic partnerships with industry leading technology vendors. deepwatch is:

• CISO Choice Awards: MSSP Winner 2020
• Great Place to Work® Certified 2020
• Goldman Sachs portfolio company: $53m Series B investment 2020
• Splunk Partner: #1 Volume MDR/MSSP - Splunk Managed SIEM
• Forrester: Top 10 MDR

What We Do
deepwatch's innovative cloud platform and borderless SOC extends our customers' cybersecurity teams and proactively protects their brand, reputation and digital assets. Our powerful analytics platform analyzes billions of events each month and is trusted by hundreds of leading global organizations to provide 24/7/365 managed security services. We have developed some of the coolest, most innovative IP in the industry and we're expanding our platform by investing extensively in research and development.
What We Offer
Wellness

• Choice of medical, dental and vision plans with deepwatch paying 100% of premium for HDHP medical and dental along with a very generous portion for dependents
• FSA (Medical and Dependent) and HSA with employer contribution
• Company paid Life Insurance, Short Term Disability and Long Term Disability
• Generous Paid Time Off, 8 company holidays, 2 floating holidays
• Wellness Programs
• Remote Workforce

Financial

• Stock Options: All full time employees are awarded stock options
• 401k with company match
• Generous mobile phone and home internet allowance
• Referral Bonus and recognition programs for exhibiting our Core Values

Professional development

• Mentoring Program
• Limitless career progression and commitment to promoting from within
• Up to $6K annually per employee for Professional Development

Giving Back

• Company-wide initiatives, such as supporting https://www.stemforher.org/
• Paid time off for Community Service
• Voting Leave

Social

• Employee Affinity Groups: Supportive internal networks like Women of deepwatch
• dw Swagger: annual credit to the deepwatch Swag Store to show your dw pride
• Having a blast! Monthly All Hands and Ask Me Anything calls, interactive wellness programs, social events, cross functional initiatives, annual Company Kick Off event, and department offsite meetings to name a few

Lead Security Analyst
The Lead Security Analyst performs a supervisory role to Security Analysts within their assigned deepwatch delivery squad and serves as a technical subject matter for customer meetings. The Lead Security Analyst is responsible for shift scheduling and continuity of coverage for Security Analysts and may be required to cover shifts personally. Other than when covering a shift as required, he/she works a flexible schedule with core hours dictated by customer meetings and as approved by the Squad Manager or Squad Director. This position is virtual / remote working from a home office unless at a client site.
Although this role does not generally work a specific shift, the core hours for the position are Weekday Mornings, 8:30a - 4:30p Eastern Time. This role may be required to assist in alert coverage and triage when alert volume exceeds normal thresholds or if otherwise required.
Position Responsibilities

• Develop and manage analyst shift schedules for the squad, ensure shift coverage
• Assist in alert coverage and triage when alert volume exceeds normal thresholds
• Serve as an escalation point for analysts in squad
• Serve as a stand in for Squad Manager/Director when unavailable
• Assist Squad Manager/Director with tracking of initiatives, including planning and task delegation
• Conduct monthly reviews of analyst documentation (in conjunction with Lead Security Analysts from other squads)
• Serve as a mentor and assist the Squad Manager/Director with coaching and training
• Attend customer and internal meetings and represent analyst perspective
• Assist with maintenance of internal customer documentation
• Provide input or assistance to Customer Success Managers and Squad Manager/Director in the creation of executive briefings
• Assist Squad Manager/Director with coordinating and ensuring appropriate resolution of customer requests assigned to Security Analysts; ensure expectations and outcomes are clearly communicated to customers
• Provide guidance on best practices regarding alert closure notes and ticket creation
• Ensure timely updates and responses to tickets, customers and internal stakeholders
• Audit submitted tickets against escalation best practices
• Contribute to the creation and/or maintenance investigation reports

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Requirements
Required Knowledge, Skills and Abilities

• Strong verbal and written communications skills
• Bachelor's Degree and 3+ years in Cybersecurity Operations or related/equal experience, with preference for MSSP
• Incident handling and response
• SIEM experience or related/equal experience
• SOAR, Ticketing Systems and Threat Intelligence platforms
• Operating Systems and Networks
• Experience with the following concepts:
  • Full packet capture analysis
  • Malware analysis (Static/Dynamic)
  • Host forensics (Windows)
  • Email Analysis
  • Virtualization
• Experience using administrative tools, including but not limited to Microsoft Products
• 1 year of experience in leadership or supervisory role
• Ability to position and discuss security issues with customer technical and leadership audiences to reach positive outcomes
• Industry recognized cybersecurity certifications:
  • SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+ or Sec+
• Scripting experience
• Writing skills for customer or executive audiences
• Ability to pass a pre-employment background and drug screen in accordance with applicable laws

Preferred Experience, Skills and Knowledge

• Degree in Information Security or Information Technology
• Scripting Experience
• Industry recognized cybersecurity certifications:
  • SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+/Sec+

Colorado Candidates:
Minimum salary of ninety six thousand dollars + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when working remotely from the state of Colorado.
Equal Opportunity Employer
deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.