Security Analyst

COMPANY OVERVIEW

ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.

POSITION OVERVIEW

As a Jr Security Analyst focused on endpoint protection, you will play a crucial role in safeguarding our clients' systems against cyber threats. You will be responsible for responding to ThreatLocker Ops alerts generated by our EDR system, which detects malicious behavior. Your duties will include reviewing logs based on these alerts, determining the nature of the activity, managing alerts, and communicating with customers regarding any identified threats.

• Respond promptly to ThreatLocker Ops alerts generated by our Zerotrust EP and EDR  system.
• Review logs based on alerts to assess the potential threat level and determine if the activity is malicious.
• Manage alerts effectively, escalating as necessary based on severity and impact.
• Communicate findings and actions taken to customers, providing clear and concise information about known threats.
• Stay updated on the latest cybersecurity threats and techniques to better identify and mitigate risks.

REQUIRED QUALIFICATIONS

• CompTIA Security+
• Familiarity with SIEM (Security Information and Event Management) systems.
• Strong analytical and problem-solving skills.
• Experience working with the Windows Operating System.
• Ability to adapt and thrive in a fast-paced environment.
• CompTIA Network+; preferred
• CompTIA CYSA+; preferred
• Security Blue Team Level 1; preferred
• Understanding of Living-Off-The-Land (LOTL) binaries and techniques.
• Proficiency in scripting languages such as PowerShell and Batch.
• Familiarity with the MITRE ATT&CK framework.
• Experience with CyberChef and de-obfuscation techniques.

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus