Back to all jobs

Security Analyst II - Weekday Night (remote)

deepwatch, inc.

US only

Feb 22

 Who We Are
Guided by our Core Values, deepwatch is securing the digital economy by tenaciously protecting enterprise networks - everywhere, everyday. Our team, many of the most technically astute minds in cybersecurity, serves an impressive list of Fortune 500/Global 2000 companies. Our success is driven by our unique IP, Cloud SecOps platform and strategic partnerships with industry leading technology vendors. deepwatch is:
  •  CISO Choice Awards: MSSP Winner 2020
  •  Great Place to Work® Certified 2020
  •  Goldman Sachs portfolio company: $53m Series B investment 2020
  •  Splunk Partner: #1 Volume MDR/MSSP - Splunk Managed SIEM
  •  Forrester: Top 10 MDR
 What We Do
 deepwatch's innovative cloud platform and borderless SOC extends our customers’ cybersecurity teams and proactively protects their brand, reputation and digital assets. Our powerful analytics platform analyzes billions of events each month and is trusted by hundreds of leading global organizations to provide 24/7/365 managed security services. We have developed some of the coolest, most innovative IP in the industry and we’re expanding our platform by investing extensively in research and development.
 What We Offer
  •  Choice of medical, dental and vision plans with deepwatch paying 100% of premium for HDHP medical and dental along with a very generous portion for dependents
  •  FSA (Medical and Dependent) and HSA with employer contribution
  •  Company paid Life Insurance, Short Term Disability and Long Term Disability
  •  Generous Paid Time Off, 8 company holidays, 2 floating holidays
  •  Wellness Programs
  •  Remote Workforce
  •  Stock Options: All full time employees are awarded stock options
  •  401k with company match
  •  Generous mobile phone and home internet allowance
  •  Referral Bonus and recognition programs for exhibiting our Core Values
 Professional development
  •  Mentoring Program
  •  Limitless career progression and commitment to promoting from within
  •  Up to $6K annually per employee for Professional Development
 Giving Back
  •  Company-wide initiatives, such as supporting
  •  Paid time off for Community Service
  •  Voting Leave
  •  Employee Affinity Groups: Supportive internal networks like Women of deepwatch
  •  dw Swagger: annual credit to the deepwatch Swag Store to show your dw pride
  •  Having a blast! Monthly All Hands and Ask Me Anything calls, interactive wellness programs, social events, cross functional initiatives, annual Company Kick Off event, and department offsite meetings to name a few
 Security Analyst II
 Security Analyst II, which directly correlates to the Security Operations Center (SOC) Tier II analyst, provide some descriptive analysis; who, what, when, and where but are more focused on the explanative analysis of an event; why and how. These individuals demonstrate a curiosity that is tempered with training and experience. They are capable of developing greater context to events, allowing for more in-depth analysis and leveraging this to develop patterns of behavior in a client. They will develop findings and make recommendations to tune environments as well as facilitating communication with the other members of the customer analyst team.
 The shift for this position is Weekday Night - 10p-6a EST
 Position Responsibilities
  •  Monitor the SIEM for suspicious events and anomalous activity
  •  Triage security events for criticality
  •  Validate suspicious events and incidents using open-source and proprietary intelligence sources
  •  Document and manage incident cases in our case management system
  •  Notify assigned customers of security incidents Interface with customers to provide investigatory support and additional information as needed
  •  Triage support requests and help desk queue to maintain SLA Work a shift as needed and directed
  •  Keep up-to-date with information security news, techniques, and trends
  •  Identify and report any gaps in log collection or reporting as soon as possible to the customer and deepwatch Engineering
  •  Report all operational issues or problems to the shift lead
  •  Report any changes in customer environments to the Lead Analyst
  •  Contribute to the creation of analytical products
  •  Document new tools and techniques and disseminate them to the rest of the team
  •  Mentor and assist Tier I analysts with professional development
  •  Develop an area of specialty with the goal of becoming a subject matter expert
  •  Produce original content regarding new threats, techniques and information for internal and external consumption
  •  Incident Response and threat hunting in client environments
  •  Become expert with Splunk as an analyst
  •  Become expert with ServiceNow as an analyst
  •  Become expert with third-party threat intelligence tools as required
 To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. . Requirements: 
 Required Experience, Skills and Knowledge
  •  2+ years in Cybersecurity Operations, with preference for MSSP
  •  Incident Management
  •  Splunk or a comparable SIEM
  •  SOAR, Ticketing Systems and Threat Intelligence platforms
  •  Knowledge of Operating Systems and Networks
  •  Experience with some or all of the following:
  •  Full packet capture analysis (Wireshark, Netwitness)
  •  Malware analysis (Static/Dynamic)
  •  Host forensics (Windows)
  •  Email Analysis
  •  Virtualization (VMWare, Virtualbox)
  •  Strong communication skills, written and verbal
  •  Ability to work remotely from a home office when not at a client site or corporate office
  •  Ability to pass a pre-employment background and drug screen in accordance with applicable laws
 Preferred Experience, Skills and Knowledge
  •  Degree in Information Security or Information Technology
  •  Scripting experience
  •  Industry recognized cybersecurity certifications:
 SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+/Sec+
 Colorado Candidates:
 Minimum salary of $64,000+ stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
  • Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when working remotely from the state of Colorado.
 Equal Opportunity Employer
 deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.