Job Type
Full-time
Description
Who We Are
Guided by our Core Values, Deepwatch is securing the digital economy by tenaciously protecting enterprise networks - everywhere, everyday. Our team, many of the most technically astute minds in cybersecurity, serves an impressive list of Fortune 500/Global 2000 companies. Our success is driven by our unique IP, Cloud SecOps platform and strategic partnerships with industry leading technology vendors. Deepwatch is:

• CISO Choice Awards: MSSP Winner 2020 & 2021
• Great Place to Work® Certified 2020 & 2022
• Goldman Sachs portfolio company: $53m Series B investment 2020
• Splunk Partner: #1 Volume MDR/MSSP - Splunk Managed SIEM
• Forrester: Top 10 MDR

What We Do
Deepwatch's innovative cloud platform and borderless SOC extends our customers' cybersecurity teams and proactively protects their brand, reputation and digital assets. Our powerful analytics platform analyzes billions of events each month and is trusted by hundreds of leading global organizations to provide 24/7/365 managed security services. We have developed some of the coolest, most innovative IP in the industry and we're expanding our platform by investing extensively in research and development.
What We Offer
Wellness

• Choice of medical, dental and vision plans with Deepwatch paying 100% of premium for HDHP medical and dental along with a very generous portion for dependents
• FSA (Medical and Dependent) and HSA with employer contribution
• Employer Paid Life Insurance, Short Term Disability and Long Term Disability
• Supplemental Life/Critical Illness/Accident
• Generous Paid Time Off, 9 company holidays, 2 floating holidays
• 8 Weeks Paid Parental Leave
• Wellness contests and monthly educational programs (award-winning at that)
• Employee Assistance Program available to an employee's entire household, free and confidential, available 24/7 with 6 face-to-face counseling sessions
• Employee Discount Program
• Great Place to Work Certified
• Outstanding Rating on Glassdoor
• 100% Remote-First

Financial

• Very competitive salary
• Stock Options for all employees
• 401k with company match
• $2,400 annual stipend for Cell/Internet
• Annual all expense paid CKO trip
• Chairman's Club
• Employee and Customer Referral Bonus Programs

Professional Development

• Mentoring Program
• Limitless career progression and commitment to promoting from within
• $3,000 first year in Professional Development, increasing to $6,000 annually thereafter

Giving Back

• Company-wide initiatives, such as supporting https://www.stemforher.org/
• Paid Time Off for voting and volunteering

Social

• Employee Affinity Groups: Supportive internal networks like Women of Deepwatch
• Annual credit to Deepwatch Swag Store
• Peer Recognition Program (Radical Performer)
• Having a blast! Monthly All Hands and Ask Me Anything calls, interactive wellness programs, social events, cross functional initiatives, annual Company Kick Off event, and department offsite meetings to name a few

Security Analyst II
Security Analyst II, which directly correlates to the Security Operations Center (SOC) Tier II analyst, provide some descriptive analysis; who, what, when, and where but are more focused on the explanative analysis of an event; why and how. These individuals demonstrate a curiosity that is tempered with training and experience. They are capable of developing greater context to events, allowing for more in-depth analysis and leveraging this to develop patterns of behavior in a client. They will develop findings and make recommendations to tune environments as well as facilitating communication with the other members of the customer analyst team.
The shift for this position is Monday thru Friday, 2:00 P.M. - 10:00 P.M. EST.
Position Responsibilities

• Monitor the SIEM for suspicious events and anomalous activity
• Triage security events for criticality
• Validate suspicious events and incidents using open-source and proprietary intelligence sources
• Document and manage incident cases in our case management system
• Notify assigned customers of security incidents Interface with customers to provide investigatory support and additional information as needed
• Triage support requests and help desk queue to maintain SLA Work a shift as needed and directed
• Keep up-to-date with information security news, techniques, and trends
• Identify and report any gaps in log collection or reporting as soon as possible to the customer and deepwatch Engineering
• Report all operational issues or problems to the shift lead
• Report any changes in customer environments to the Lead Analyst
• Contribute to the creation of analytical products
• Document new tools and techniques and disseminate them to the rest of the team
• Mentor and assist Tier I analysts with professional development
• Develop an area of specialty with the goal of becoming a subject matter expert
• Produce original content regarding new threats, techniques and information for internal and external consumption
• Incident Response and threat hunting in client environments
• Become expert with Splunk as an analyst
• Become expert with ServiceNow as an analyst
• Become expert with third-party threat intelligence tools as required

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Requirements
Required Experience, Skills and Knowledge

• 2+ years in Cybersecurity Operations, with preference for MSSP
• Incident Management
• Splunk or a comparable SIEM
• SOAR, Ticketing Systems and Threat Intelligence platforms
• Knowledge of Operating Systems and Networks
• Experience with some or all of the following:
  • Full packet capture analysis (Wireshark, Netwitness)
  • Malware analysis (Static/Dynamic)
  • Host forensics (Windows)
  • Email Analysis
  • Virtualization (VMWare, Virtualbox)
• Strong communication skills, written and verbal
• Ability to work remotely from a home office when not at a client site or corporate office
• Ability to pass a pre-employment background and drug screen in accordance with applicable laws

Preferred Experience, Skills and Knowledge

• Degree in Information Security or Information Technology
• Scripting experience
• Industry recognized cybersecurity certifications:
  • SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+/Sec+

Colorado* Candidates:
For applicants in Colorado the salary range for this role is $70,000 to $82,000 + bonus + commissions + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
*Note: Disclosure as required by sb19-085 (8-5-20)
Equal Opportunity Employer
Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
ITAR Compliance
"This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States;
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government."

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment."
#LI-KH1