Apply on Employer Site

Coterie Insurance · 1 month ago

Lead Cybersecurity Analyst

United States

Full-time

Remote

Senior Level

$130K/yr - $140K/yr

5+ years exp

Coterie Insurance is focused on transforming small business insurance through innovative technology and a partnership-based approach. The Lead Cybersecurity Analyst will oversee the organization's incident response program, manage security operations, and enhance threat detection and incident response capabilities.

Commercial InsuranceFinancial ServicesInsuranceInsurTech

No H1B

U.S. Citizen Only

Responsibilities

Perform security monitoring and analysis to detect and investigate security incidents

Manage and tune our SIEM, including rule/detection creation

Build out automations to create efficiencies across the security operations function, especially at the triage level

Work with internal and external teams to determine the impact caused by detected intrusions, identify how an intrusion occurred, perform root cause analysis, and assist in recovery efforts

Act as a SME for security operations initiatives that contribute to greater visibility, improved processes, and maximum value from our toolset

Provide reporting to help management understand current risk levels

Develop and maintain metrics that matter and communicate those through dashboards and reporting to leadership

Create and maintain IR playbooks

Act as incident commander during incidents and lead incident response tabletop exercises

Review data from various sources and assess cyber intelligence to support in-depth analysis of various threats

Support compliance and audit requirements related to security operations

Identify and improve upon process and technology gaps within the incident response program and security posture overall

Partner with other teams to continue to mature security across the organization

Take on additional assignments aligned with organizational priorities

Availability to be on call every other week to address critical alerts

Qualification

Incident responseSIEM managementThreat detectionLog analysis (KQL)Azure cloud experienceNetwork traffic analysisMicrosoft 365 securityContainer securityPowershellSoft skills

Required

5+ years in cybersecurity and 3+ years in Azure cloud-native environments

Advanced understanding of incident response and investigations

Experience monitoring a SIEM or equivalent, investigating incidents, and utilizing threat intelligence to enhance detections

Advanced log analysis (KQL)

Experience analyzing network traffic (packets) and investigating phishing and business email compromise

Self-motivated, enthusiastic, detail oriented, skilled in intelligent multi-tasking, and adaptable

Able to evaluate risk and make risk-based recommendations for escalation or de-prioritization of remediation/mitigation efforts

Exceptional written and verbal communication

Preferred

Microsoft 365 including Office 365 security experience

Container security experience (Docker, Kubernetes, etc)

Powershell experience

Security (e.g. CySA+, CISSP, GIAC, etc.) or Cloud Certifications (e.g. Azure, CCSP)

Benefits

100% remote

Health insurance through Aetna (we pay 100% of premiums)

Dental and vision insurance through Guardian (we pay 100% of premiums)

Basic life insurance (we pay 100% of premiums)

Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)

401K plan (up 4% match with immediate vest). Must be 21 years of age or older to participate

Flexible PTO policy offering up to 3 weeks of time off to support onboarding and integration during the first twelve months of employment. After the first year of employment and effective as of the anniversary date, eligibility transitions to up to 4 to 5 weeks of time off annually to recharge and sustain long-term success.

12 company-paid holidays each year

Continuing education annual stipend