Cybereason is looking for curious, diligent, technical people to be a part of our Global SOC team. As a member of this elite team, you’ll take an integral role within a 24x7 operational SOC, providing Managed Detection and Response (MDR) services to large organizations around the globe. You’ll be working closely with some of the best minds in incident response, malware analysis, and security research, partnering with our customers and partners to defend against the most advanced adversaries. Main responsibilities (includes but not limited to):
- Performing ongoing security analysis and triage of escalated and critical endpoint, network, mobile, and cloud alerts.
- Participating in various stages of incident investigations and threat hunting engagements
- Writing and delivering detailed investigation and analysis reports while maintaining technical documentation
- Analysis and research into new, emerging, or trending attacks, actors, malware samples, and TTPs
- Engaging in customer-facing interactions at all levels from SOC analysts to c-suite executives
- Processing and exploitation of data to produce actionable threat intelligence for internal hunting teams and customers
- Working closely with internal company teams (such as Product, Customer Success, etc.)
What we are looking for
- 6+ years of experience working in IT security
- 3+ years of relevant cybersecurity experience in Incident Response, endpoint security, digital forensics, and a strong knowledge working in a 24x7/follow-the-sun SOC
- Background and experience in at least two of the following is a must:
- Malware analysis, Threat Intelligence, Penetration Testing, Incident Response, Reverse Engineering, or Digital Forensics.
- Strong knowledge of modern operating systems (Windows – a must, OS X and Linux – advantage)
- Strong knowledge of cloud environments and infrastructure
- Solid foundation in networking protocols and architectures
- Experience with security tools and frameworks, particularly with open-source tools (such as Sysinternals, OLE tools, Volatility, debuggers, disassemblers, etc.)
- Experience with a scripting language (Python, Bash, PowerShell, etc.)
- Self-motivated and results-oriented; capable of leading and completing assignments without supervision
- Strong organizational skills and ability to handle a wide range of tasks and re-prioritize them on short notice
- Motivation to constantly improve processes and methodologies
- Ability to dive deep into a problem
- Able both independently as well collaborate within a team in a remote work setting.
- Excellent interpersonal, verbal and written communication skills, ability to elucidate technical content to non-technical personnel
- Good written and oral communication skills, experience working with international customers
Strong advantage to candidates with solid background in: - Endpoint security, cloud security, threat analysis, and DFIR
|