Security Analyst, Incident Response - Remote

Overview

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud’s solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you’re driven to align your career with a fantastic mission, look no further!

In Short

• Perform in-depth analysis of security alerts and incidents across the enterprise and SpyCloud’s products
• Create runbooks for incident response and case handling
• Contribute to the ongoing creating and tuning of detection rules and automated incident handling functions
• Evaluate and enhance incident response capabilities by leading process improvements, runbook adoption, and automation
• Perform guided threat hunting exercises using available security telemetry
• Contribute to the onboarding of new security data sources
• Occasional after-hours work to support incident response efforts

Requirements

• 2-3 years of full-time experience in incident response or security operations
• Strong experience with log analytics platforms for security investigations, preferably Splunk
• Proficiency with EDR, DLP/Insider Risk, email security platforms
• Experience monitoring and responding to threats and vulnerabilities in AWS, Linux, and MacOS

Benefits

• 401(k) with Employer Contribution
• Health, Vision, and Dental Insurance
• Employer Paid Life, Short-term, and Long-term Disability Insurance
• Generous PTO Plan and 16 paid holidays per year