Job Overview
eSentire's mission is to proactively protect businesses from cyber threats. Our organization thrives on transparency, teamwork, and continuous innovation.
Key Responsibilities:
* Conduct real-time analysis of incoming security signals with a balance of accuracy and speed using various forensic tools.
* Apply investigative techniques, understanding the security threats associated with incoming signals, and follow defined runbooks to determine and execute relevant actions.
* Perform allowlisting/filtering of false positive signals.
* Alert clients to confirmed true positive signals using defined templates and escalate high-priority alerts via phone.
* Block malicious network traffic and isolate infected hosts on customers' networks.
Tier II Responsibilities:
1. Complete complex high-priority/escalated client support tickets.
2. Participate in incident/breach response investigations and deliver incident response reports and after-action reviews.
3. Collaborate on internal projects/initiatives such as UAT of new SOC tools, working cross-functionally with other teams/departments as a stakeholder for the Service Delivery Organization.
4. Contribute to Knowledge Base articles or training content.
5. Deliver training modules and conduct assessments with new hires.
6. Ongoing mentorship and coaching of Tier I Analysts.
7. Participate in Quarterly Service Reviews (QSRs) with the Customer Success Team providing technical input from the SOC where necessary.
8. Secondary review and approval of permanent signal filters, Global Denylist IP Nominations, and high-priority client alerts.
9. Critical Event Reviews – performing secondary audits of selected signals and following up with analysts and clients as necessary.
Our organization values diversity and inclusivity, promoting an environment that celebrates individual perspectives and backgrounds.