Job Specifications
The Company
Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand. Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders. We're growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.
The Role
The Security Operations Analyst, MDR will be responsible for reviewing alerts in Microsoft Sentinel and CrowdStrike and actively alerts investigating to closure. This role will perform incident response to proactively work with clients to mitigate known risks.
What you'll do
Live by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House
Provide and is an active participant in Incident Response process to support client needs.
Continually researches the cyber industry to stay up to date on current threats, threat actors' tactics and techniques, and emerging vulnerabilities.
Review analytics queries and tuning metrics to ensure assigned and working properly.
Ensure proper documentation of activities and monitors security alerts, events, and trends on behalf of clients.
Develop, implement, and improve documentation and operational processes.
Independently conduct investigations and provides actionable, context relevant, escalations and recommendations to clients.
Attend quarterly meetings and client satisfaction calls as a representative for the Analyst team.
Is responsible for ensuring Analyst portions of quarterly reports are generated to standard and on-schedule.
Proactively identify and communicate internal and client risks.
Maintain current certifications and training to support our clients effectively.
Develop recommendations and enhancements to mature a client's cybersecurity program.
Your foundation. The requirements for this role:
Bachelor's Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.
In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
Demonstrated experience with SIEM solutions, SOC operations, executing security event triaging and tuning.
Experience working in CrowdStrike and/or Microsoft Sentinel or Defender.
Strong understanding of Incident Response phases and demonstrated experience responding to security incidents.
Demonstrated verbal and written communication skills for various internal and external audiences.
Must have an advanced understanding of, and ability to communicate, security technologies that can be used to mitigate cyber risks.
Experience and fluency in participating and leading incident response and/or forensic analysis.
Proficiency with operating systems such as Windows/Linux and related
Deep understanding of software and systems.
Demonstrated knowledge of security log and infrastructure design.
Ability to explain simple hardening methods for network and process detections.
Familiarity with common endpoint concepts.
Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
Ability to anticipate problems, communicate them, and resolve appropriately.
Holds at least one of the following CrowdStrike Certifications:
CCFR - CrowdStrike Certified Falcon Responder
CCFA - CrowdStrike Certified Falcon Administrator
CCFH - CrowdStrike Certified Falcon Hunter
Must be a citizen of the United States.
Additional capabilities that will differentiate you for this role:
Bachelor's Degree and seven (7) or more years in the Information Technology field.
Holds at least one relevant industry certification (GCFA, GCIH, CEH, CISSP, etc.)
Demonstrated experience providing service to a broad range of users and experience levels.
Aptitude and desire to develop and help build new capabilities in the SOC.
Attention to detail and a methodical approach to standard operating procedures.
Ability to manage multiple concurrent objectives or activities and effectively make judgments.
Understanding of common network services and attacks against them.
Experience identifying gaps within security control architecture.
Technical experience in cybersecurity field is preferred.
Holds Azure certifications (AZ-500, AZ-700, AZ-305) .
Base Salary for this role is targeted at $110,000 - $125,000 annually. *Salary based on Burlington, VT salary data. Offer is based on candidate geography. Additionally, this role is eligible for the company bonus plan at a 10% target.
The Rewards
What you can expect:
The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
An organization that
About the Company
NuHarbor Security is a leading national cybersecurity services firm, supporting the diverse needs of hundreds of clients with clear, comprehensive, and outcome-based solutions. We support only best-of-breed security technologies with thoroughly trained and vetted analysts. We make cybersecurity easier for our clients by integrating the most comprehensive set of security services in the market, from compliance and offensive testing to award-winning 24/7 managed security operations. What's more, NuHarbor advisors analyze infor...
Know more