Job Type
Full-time
Description
Who We Are
Guided by our Core Values, Deepwatch is securing the digital economy by tenaciously protecting enterprise networks - everywhere, everyday. Our team, many of the most technically astute minds in cybersecurity, serves an impressive list of Fortune 500/Global 2000 companies. Our success is driven by our unique IP, Cloud SecOps platform and strategic partnerships with industry leading technology vendors. Deepwatch is:

• CISO Choice Awards: MSSP Winner 2020 & 2021
• Great Place to Work® Certified 2020
• Goldman Sachs portfolio company: $53m Series B investment 2020
• Splunk Partner: #1 Volume MDR/MSSP - Splunk Managed SIEM
• Forrester: Top 10 MDR

What We Do
Deepwatch's innovative cloud platform and borderless SOC extends our customers' cybersecurity teams and proactively protects their brand, reputation and digital assets. Our powerful analytics platform analyzes billions of events each month and is trusted by hundreds of leading global organizations to provide 24/7/365 managed security services. We have developed some of the coolest, most innovative IP in the industry and we're expanding our platform by investing extensively in research and development.
What We Offer
Wellness

• Choice of medical, dental and vision plans with Deepwatch paying 100% of premium for HDHP medical and dental along with a very generous portion for dependents
• FSA (Medical and Dependent) and HSA with employer contribution
• Employer Paid Life Insurance, Short Term Disability and Long Term Disability
• Supplemental Life/Critical Illness/Accident
• Generous Paid Time Off, 9 company holidays, 2 floating holidays
• 8 Weeks Paid Parental Leave
• Wellness contests and monthly educational programs (award-winning at that)
• Employee Assistance Program available to an employee's entire household, free and confidential, available 24/7 with 6 face-to-face counseling sessions
• Employee Discount Program
• Great Place to Work Certified
• Outstanding Rating on Glassdoor
• 100% Remote-First

Financial

• Very competitive salary
• Stock Options for all employees
• 401k with company match
• $2,400 annual stipend for Cell/Internet
• Annual all expense paid CKO trip
• Chairman's Club
• Employee and Customer Referral Bonus Programs

Professional Development

• Mentoring Program
• Limitless career progression and commitment to promoting from within
• $3,000 first year in Professional Development, increasing to $6,000 annually thereafter

Giving Back

• Company-wide initiatives, such as supporting https://www.stemforher.org/
• Paid Time Off for voting and volunteering

Social

• Employee Affinity Groups: Supportive internal networks like Women of Deepwatch
• Annual credit to Deepwatch Swag Store
• Peer Recognition Program (Radical Performer)
• Having a blast! Monthly All Hands and Ask Me Anything calls, interactive wellness programs, social events, cross functional initiatives, annual Company Kick Off event, and department offsite meetings to name a few

Threat Hunter I
Threat Hunters are responsible for identifying malicious activity on networks that bypass security controls. As a Threat Hunter, you will be expected to be on the cutting edge of research and up-to-date with the current attacker tactics and techniques. Threat Hunters are expected to be familiar with the customer's business and the common threats targeting their verticals and technologies. Threat Hunters must be able to effectively communicate with customers, clearly articulate their observations and provide guidance on the results of their hunts. In addition to performing threat hunts, you will be expected to disseminate collected intelligence to Deepwatch Threat Operations.
Position Responsibilities

• Leverage all available tools within the scope of a customer's environment to track anomalous activity and seek malicious actors
• Provide Incident Response support and perform threat hunting in client environments
• Validate suspicious events and incidents by using open-source and proprietary intelligence sources
• Document new tools and techniques and disseminate them to the rest of the team
• Report, document and manage incidents in a case management system
• Interface with customers to resolve issues, provide additional information, and answer questions related to incidents and hunt efforts
• Keep up-to-date with information security news, techniques, and trends
• Escalate any gaps in log collection or reporting as soon as possible if identified
• Produce content regarding new threats, techniques and information for internal and external consumption (hunts, dashboards, alerts, reports, SOAR workbooks, use cases, blogs, etc.)
• Threat Assessment and Planning (Threat Modeling)
• Performs other duties as assigned

Requirements
Required Experience, Skills and Knowledge

• 4+ years in Cybersecurity Operations or related/equivalent experience
• Strong communication skills, both written and verbal
• Experience communicating with and presenting to customers
• Experience with Incident Handling and Response
• Experience with Operating Systems and Networks
• Demonstrate Subject Matter Expertise (SME) in at least one of the following areas:
  • Digital Forensics & Incident Response (DFIR)
  • Malware Analysis
  • Reverse Engineering
  • Threat Intelligence
  • Network Traffic Analysis
  • Threat Hunting
  • Penetration Testing
• Strong understanding of attacker methodology including the tactics, techniques, and procedures
• Ability to pass a pre-employment background and drug screen in accordance with applicable laws

Preferred Experience, Skills and Knowledge

• Bachelor's Degree and 5+ years in Cybersecurity Operations or related/equivalent experience
• Experience in SOAR, Ticketing Systems and Threat Intelligence platforms
• Scripting, coding, API programming, tool development
• Industry recognized cybersecurity certifications:
  • Such as OSCP, GCFA, GCIA, GCIH, CEH, GREM, CHFI

Colorado* Candidates :
Minimum salary of $96,000 + bonus + commissions + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when working remotely from the state of Colorado.
Equal Opportunity Employer
Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
ITAR Compliance
"This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States;
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government."

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment."
#LI-KH1