Triage and analyze security alerts from our security tools to assess their severity, correlate events, and determine response actions
Investigate security incidents to determine root cause, scope, and impact by collecting evidence, conducting forensic analysis, and documenting the process
Conduct proactive threat hunting activities by analyzing network traffic, identifying suspicious patterns, and investigating potential indicators of compromise
Perform vulnerability assessments using Tenable/Nessus to scan systems, analyze vulnerabilities, and recommend mitigation strategies
Develop and maintain security documentation, including incident reports, playbooks, and procedures to ensure consistent response and improve security posture
Collaborate with network engineers and system administrators to implement network security controls, conduct system hardening, and improve the overall security posture of the infrastructure
Support and administer security tools and technologies, including CrowdStrike, Tenable/Nessus, Cisco security products, Microsoft Sentinel, and other relevant platforms
What Qualifies You
3+ years of experience in a cybersecurity role, with a strong understanding of SOC operations, incident response, and security monitoring tools
Experience with MDR/MSSP services and technologies, providing insight into threat detection, incident analysis, and security monitoring best practices
Strong understanding of cybersecurity principles and incident response methodologies, including knowledge of security threats, vulnerabilities, and attack vectors
Hands-on experience with CrowdStrike administration and investigation, demonstrating proficiency in using its endpoint security platform for threat detection and incident response
Proficiency in Tenable/Nessus vulnerability management and scanning, including conducting vulnerability assessments and recommending remediation actions
Experience with alert triage and investigation, including log and network traffic analysis to identify and investigate potential threats
Excellent communication and collaboration skills, with the ability to convey security information to both technical and non-technical audiences and work effectively with other teams
Preferred Qualifications
Experience with Cisco ISE, CSW, and XDR technologies and Microsoft Sentinel
Relevant industry certifications (e.g., CompTIA Security+, CySA+, GIAC certifications)
Bachelor's degree in cybersecurity, computer science, or a related field
