Stratascale – An SHI Company · 3 days ago
Sr. Security Analyst- Operations
Maximize your interview chances
Cloud ComputingCyber Security
Insider Connection @Stratascale – An SHI Company
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS.
Provide level 2 escalation point for incident triage, investigation, and response.
Provide in-depth analysis of escalated requests originating from clients or their Managed Detection & Response (MDR) services.
Validate suspicious events by performing investigations using SIEM and SOAR technologies, leveraging threat intelligence and OSINT, TTPs and IOCs.
Identify gaps in client environments, data ingestions, or configuration errors which reduce quality of security alerts.
Work with client and leadership to surface and resolve concerns around the security program.
Provide support to Security Analysts including coaching and training as necessary.
Leverage your knowledge of Alert Triage, SOC Operations, and Depth in Defense strategies to contribute to projects for overall client success
Produce high-quality written and verbal communications, recommendations, and findings to client management in a timely manner
Address improvement opportunities within Stratascale for automation and process improvements.
Provide the client with a complete understanding of the investigations and suggest corrective actions to resolve alerts.
Participate in the development of cross-practice training or delegate training to team members on practice discipline capability, associated offerings, industry positioning and selling strategies.
Provide off-hours support for Alert Management – as assigned.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5 -8 years of experience in alert management across multiple SIEMs such as Splunk, Log Rythm, and Sentinel.
5-8 years of experience in alert tuning, threat detection, and incident response.
5 -8 years of experience with cyber security principles, concepts, and practices, including the ability to perform a complete and thorough incident investigation and triage with limited support.
5-8 years of experience working with modern SOC solutions to include, but not limited to SIEM, EDR, Firewalls, Cloud Providers, Web Applications, etc.
Strong fundamental understanding of technical security solutions and how they address client risk exposure and solve key use cases.
Strong problem-solving capabilities with the ability to analyze complex data, identify patterns, and develop strategic solutions.
Demonstrate the ability to pivot to other log sources, cloud systems, or consoles to perform a comprehensive analysis from multiple data sources.
Proactive and self-motivated mindset.
Ability to work effectively and add value as a team member for the practice discipline.
Excellent verbal and written communication skills, with the ability to effectively explain technical concepts to non-technical individuals and communicate with clients.
Ability to train and disseminate information within an area or operation and work effectively within all levels of an organization, both internally and externally.
Ability to engage and discuss technical and non-technical concepts with many client audience types, including C-Suite, VP/Director, Architect, Engineer, and Analyst resources.
Poses an ability to simplify and explain complex problems to stakeholders of all levels across multiple functions.
Entrepreneurial mindset with the ability to identify value in unstructured situations.
Emotional intelligence, flexible work style, and excellent diplomatic skills across all levels of the organization.
Attention to detail, organization, and follow-up skills are critical.
Initiative to research and resolve problems with a positive attitude.
Excellent presentation skills and comfortable leading meetings and discussions.
Ability to mentor and guide others.
Preferred
Industry certifications: CIAM, CISM / CISA / CRISC, SANS (GSEC, GREM, GCIH), CISSP.
Vendor Solutions and product specific certifications or experience (or equivalent): Sumo Logic/Sentinel, Microsoft Defender/ Crowdstrike / SentinelOne, MDR/MSSP security engineering experience.
Benefits
Medical
Vision
Dental
401K
Flexible spending
Company
Stratascale – An SHI Company
Delivers “Digital Agility” using a consultative approach to design, delivering, and supporting technology to transform your business
Funding
Current Stage
Growth StageRecent News
2024-05-23
Company data provided by crunchbase