Plurilock

SOC 2 Analyst


Pay: Competitive
Location: Sydney/New South Wales
Employment type: Contract
  • Job Description

      Req#: 111

      SOC 2 Contract

      Through 2026

      Supporting APAC Time zones



      Responsible for investigating security incidents and determining their root causes. The analyst reviews incidents that have been escalated by Tier 1 analysts, who are responsible for collecting data and reviewing alerts. Tier 2/3 analysts use threat intelligence, such as indicators of compromise (IoCs), TTPs, and company host system/network data sets to assess alerts, threats and potential incidents in more depth.

      They have deep experience with SIEM tools, specifically CrowdStrike SIEM, network data, host data, Identity and Access log data, developing SIEM use cases, reducing/tuning false alerts and leading investigations until issues have been resolved. They will also monitor systems and events across different operating systems, such as Windows, macOS, and Linux.

      Must be proactive, a problem solver and curious.

      Must have 5+ years of recent experience as a Tier 2 or 3 analyst at a large organization; government and critical infrastructure experience preferred.

      Must have strong, demonstrated SIEM and data correlation experience.

      Must have demonstrated experience designing new SOC use cases and working with vendors on implementing new use cases.

      Must have experience designing and implementing runbooks and use cases to mitigate security incidents.

      Experience designing an Incident Response plan, including alert definition, runbooks, escalation, etc.

      Must have extensive experience reviewing and managing alerts in Microsoft Defender, Splunk and/or CrowdStrike.

      Must have experience conducting hunts across disparate data sets, including host data, vulnerability data, threat data, network data and Active Directory data, among others, to identify threats.

      Experience leading timely security operations response efforts in collaboration with stakeholders.

      Experience documenting incident response communications for technical and management audiences.

      Must have experience setting up alert rules and effective alert management.

      Demonstrated ability to create runbooks and conduct investigations with key application, IT infrastructure and other stakeholders.

      Experience designing custom SOC SIEM use cases in Defender, Splunk and CrowdStrike.

      Experience conducting forensic investigations.

      Must be a problem solver.

      Must be curious.

      Must have analytical, qualitative and quantitative abilities.

      Must be adaptive to a dynamic environment.

      Strong security operations documentation abilities.

  • About the company

      Device-free, code-free multi-factor authentication & continuous authentication solutions using patented zero trust behavioral biometrics technology.

Notice

Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.

Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.

An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.