Who We Are
deepwatch is redefining cybersecurity and is one of the fastest growing companies in the U.S. (Top 50 based on last year’s Inc5000). deepwatch serves an impressive list of Fortune 50 and Global 2000 companies as well as numerous mid-sized enterprises. We’ve established strategic partnerships with leading security vendors and serve as a trusted advisor to our customers. Our Core Values drive all aspects of the business and have been paramount to the company’s success and foster our dynamic, entrepreneurial workplace. At deepwatch, your colleagues are some of the most technically astute minds in cybersecurity, who are passionate, knowledgeable, and willing to provide mentorship and guidance at every opportunity.
deepwatch's innovative cloud SecOps platform and borderless SOC deliver data-driven managed security services while extending customers’ cybersecurity teams and proactively protecting their brand, reputation and digital assets. deepwatch's powerful analytics platform, led by 200+ experts, analyzes billions of events each month and is trusted by hundreds of leading global organizations to provide 24/7/365 managed security services. We have some of the coolest, most innovative IP in the industry and we’re rapidly expanding that.
If you have the passion, work ethic, winning attitude and competitive mindset to be at the forefront of the best entrepreneurial MSSP|MDR in the U.S., we want you on our team.
- Knowledgeable and skilled colleagues seeking collaboration
- We pay a significant portion of our employees’ medical and dental premiums (100% for the HDHP plan) and a very generous portion for dependents
- FSA (medical and dependent) and HSA with employer contribution
- Company paid Life Insurance, Short Term Disability and Long Term Disability
- 401k retirement plan with employer match
- Paid Time Off
- 10 Company Holidays
- Most positions allow for some amount of telework and flextime, enabling our employees to manage work & life
- All employees enjoy a generous mobile phone and home internet allowance
- Apple products
- Robust referral bonus program
- Career paths
- Annual budget for Professional Development
Security Analyst I
The Security Analyst I, which directly correlates to the Security Operations Center (SOC) Tier I analyst, is focused on providing descriptive analysis. They will answer questions such as the who, what, when, and where of events. These are curious individuals who actively work to develop a better understanding of the environments they are assigned. They collaborate with other analysts, threat hunters, customer analysts and the lead analyst.
The shift for this position is Weekend Days, Saturday and Sunday 6a - 6p Eastern Time. 2 additional 8-hour shifts during the week are initially scheduled for Monday and Thursday afternoons, 2p-10p EST.
- Monitor the SIEM for suspicious events and anomalous activity
- Triage security events for criticality
- Validate suspicious events and incidents using open-source and proprietary intelligence sources
- Document and manage incident cases in our case management system
- Notify assigned customers of security incidents
- Interface with customers to provide investigatory support and additional information as needed
- Triage support requests and help desk queue to maintain SLA
- Work a shift as needed and directed
- Keep up-to-date with information security news, techniques, and trends
- Identify and report any gaps in log collection or reporting as soon as possible to the customer and deepwatch Engineering
- Report all operational issues or problems to the shift lead
- Report any changes in customer environments to the Lead Analyst
- Contribute to the creation of analytical products
- Document new tools and techniques and disseminate them to the rest of the team
- Incident Response in client environments
- Become functional with Splunk as an analyst
- Become functional with ServiceNow as an analyst
- Become functional with third-party threat intelligence tools as required
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Requirements:
Required Experience, Skills and Knowledge
- Degree in Information Security or Information Technology or formal practical training in Cybersecurity Operations
- Demonstrated passion and interest in cybersecurity
- Strong communication skills, written and verbal
- Ability to work remotely from a home office when not at a client site or corporate office
- Ability to pass a pre-employment background and drug screen in accordance with applicable laws
Preferred Experience, Skills and Knowledge
- Cybersecurity Operations, with preference for MSSP
- Incident Management
- Industry recognized cybersecurity certifications:
  - CompTIA, Net+/Sec+, et al.
- Experience with or training on Splunk or a comparable SIEM
- Experience with or training on SOAR, Ticketing Systems and Threat Intelligence platforms
- Familiarity with Operating Systems and Networks
- Experience with or training on some or all of the following:
  - Full packet capture analysis (Wireshark, Netwitness)
  - Malware analysis (Static/Dynamic)
  - Host forensics (Windows)
  - Virtualization (VMWare, Virtualbox)
Equal Opportunity Employer
deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.