Posted: 12 July
Offer description
Key Responsibilities:
eSentire is dedicated to protecting its customers 24/7/365. As a Tier II Security Analyst, you will play a vital role in achieving this goal by performing security analysis tasks across network, endpoint, log, and cloud security in a fast-paced and dynamic environment.
Your responsibilities will include:
* Completing complex high-priority client support tickets
* Participating in Incident/Breach response investigations and delivering incident response reports and after-action reviews
* Working on various internal projects/initiatives such as UAT of new SOC tools, working cross-functionally with other teams/departments as a stakeholder for the Service Delivery Organization
* Writing or providing input to our Learning and Development team on KB Articles or training content
* Delivering training modules and conducting assessments with new hires
* Ongoing mentoring and coaching of Tier I Analysts
* Participating in Quarterly Service Reviews (QSRs) with our Customer Success Team providing technical input from the SOC where necessary
* Secondary review and approval of permanent signal filters, Global Denylist IP Nominations, and high-priority client alerts
* Critical Event Reviews – performing secondary audits of selected signals and following up with analysts and clients as necessary
* Analyzing incoming security signals in real time with a balance of accuracy and speed using a variety of forensic tools
* Applying investigative tools, techniques, and procedures (TTPs), using your understanding of the security threats associated with the incoming signals, and following defined Runbooks to determine and execute the relevant actions
* Performing allowlisting/filtering of false positive signals
* For confirmed true positive signals, alerting clients using defined templates and escalating high-priority alerts to clients by phone
* Blocking malicious network traffic and isolating infected hosts on customers' networks
* Adding malicious IOCs to eSentire's Global Denylist for all customers where appropriate
To be successful in this role, you will need to have:
* A relevant degree in Computer Science, IT Security, IT Management, IT Support, or related discipline
* The completed course must include a strong focus on networking and security
* 3+ years' full-time experience in a Security Operations Centre or similar Cyber Security Analysis role, excluding time spent on an internship or work experience program
* Hands-on experience in at least one of the following security domains:
  * Network Security, including Intrusion Detection Systems (IDS)
  * Windows Endpoint Security, using EDR products such as VMware Carbon Black Response/Threat Hunter, CrowdStrike Falcon, or Microsoft Defender ATP
  * SIEM/Log Management, using products such as SumoLogic, Splunk, or similar
* Knowledge and experience of network and endpoint security technologies, including:
  * Packet Capture (PCAP) analysis using Wireshark
  * Windows system internals and knowledge of PowerShell
  * Linux kernel and basic scripting (Bash/Python) knowledge
* Analytical mind with strong attention to detail and a commitment to quality of service
* Strong customer-facing written and verbal communication skills with the ability to effectively communicate complex security concepts with end customers
* Demonstrated ability to confidently handle escalated client issues, defuse challenging situations, and deliver an optimal customer experience
* Natural ability to thrive in a fast-paced and time-sensitive environment
eSentire offers a comprehensive benefits package tailored to support your well-being. Our package includes:
* Comprehensive health benefits
* Flexible vacation plan
* Participation in our company-wide equity program, allowing you to share in the success and growth of our organization
We strive to provide a welcoming, respectful, and thorough interview process, providing the candidate with ample opportunity to spend time with the hiring manager, recruiter, and future colleagues face-to-face or using a video conference technology.
Total Rewards
At eSentire, we value your talents and unique perspectives. We look forward to the opportunity to work together to build a more inclusive future.