Threat Detection & Response Analyst
Location: Remote (USA)
Experience Level:
Junior to Mid-level (Senior role may be considered for the right applicant)
Position Type:
Volexity Security Operation Center (SOC) Staff
JOB DESCRIPTION
Volexity’s Threat Detection & Response Analyst will work to protect organizations from a wide variety of threats, ranging from commodity phishing and malware campaigns to highly targeted attacks involving zero-day exploits.
Candidates applying for this role should expect a job opportunity where they can:
• Analyze and respond to advanced and emerging threats
• Work on investigations that evoke a sense of personal investment
• Be part of a growing industry-leading security operations team
• Collaborate with Volexity’s Threat Intelligence and Incident Response teams
• Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups
Candidates are expected to have a minimum of two years of experience in an IT Security focused role, specifically with a strong emphasis on investigating security incidents stemming from alerts generated by network intrusion detection systems, endpoint detection response/antivirus software, and logs generated from security devices and/or productivity suites (e.g., Microsoft 365, Google Workspace, etc.).
RESPONSIBILITIES
Responsibilities of a Threat Detection & Response Analyst will include but not be limited to:
• Monitoring and triaging alerts generated via network security monitoring, EDR platforms, and other log sources
• Threat hunting across Volexity’s customer base to look for new or previously undetected threats
• Creating detailed incident reports that provide context, as well as actionable recommendations and next steps
• Assisting in the creation of detection content and alert signatures, as well as helping tune signatures as needed to improve detection accuracy
• Working closely with customers, responding to inquiries and questions in a timely fashion
• Tracking industry activity, such as new vulnerabilities and threat reports
REQUIRED SKILLS
As a Threat Detection & Response Analyst, the expected skillset should include:
• Excellent understanding of network protocols and operating systems as they relate to threat detection
• Detailed knowledge of the current threat landscape and the TTPs of various threat actors
• Ability to quickly determine the scope of a given threat detected, identifying indicators of compromise, and assessing the criticality of the threat to properly prioritize reporting and response
• High-quality written communication skills, with the ability to document findings for customers in long-form reporting
• Experience reviewing other team member’s work to ensure high standards across the team
• Resourceful self-starter who can work both with a team and independently, when required
PREFERRED EXPERIENCE
Successful candidates for this role may also demonstrate the following experience or skills:
• Ability to write YARA and Suricata signatures; a successful candidate will be able to recognize the qualities of good signatures and create solid signatures for both the YARA and Suricata formats
• Basic or higher proficiency in Malware Analysis
• Ability to write detection logic for a variety of systems, such as SentinelOne, Microsoft Defender for Endpoint, or other endpoint detection and response solutions
• Prior experience working in a SOC or as part of an IR team responding to active threats, with an understanding of which facets of signatures can lead to false positives and how to avoid them
• Basic or higher proficiency in Python, Go, or a similar programming language
COLLABORATION
In terms of working with others, Threat Detection & Response analysts will be expected to:
• Work with teammates to compile customer reports, notifications, and advisories; and clearly communicate what work has been performed and what remains to be completed
• Teach new analysts Volexity’s process and procedures, helping them to develop new skills
• Stay up to date on current security events and threat intelligence, sharing critical news with teammates as it is discovered
Volexity values diversity and is an equal opportunity employer. All employment is decided on the basis of qualifications, merit, and business need.
Apply Now
Apply Now
Experience Level:
Junior to Mid-level (Senior role may be considered for the right applicant)
Position Type:
Volexity Security Operation Center (SOC) Staff
JOB DESCRIPTION
Volexity’s Threat Detection & Response Analyst will work to protect organizations from a wide variety of threats, ranging from commodity phishing and malware campaigns to highly targeted attacks involving zero-day exploits.
Candidates applying for this role should expect a job opportunity where they can:
• Analyze and respond to advanced and emerging threats
• Work on investigations that evoke a sense of personal investment
• Be part of a growing industry-leading security operations team
• Collaborate with Volexity’s Threat Intelligence and Incident Response teams
• Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups
Candidates are expected to have a minimum of two years of experience in an IT Security focused role, specifically with a strong emphasis on investigating security incidents stemming from alerts generated by network intrusion detection systems, endpoint detection response/antivirus software, and logs generated from security devices and/or productivity suites (e.g., Microsoft 365, Google Workspace, etc.).
RESPONSIBILITIES
Responsibilities of a Threat Detection & Response Analyst will include but not be limited to:
• Monitoring and triaging alerts generated via network security monitoring, EDR platforms, and other log sources
• Threat hunting across Volexity’s customer base to look for new or previously undetected threats
• Creating detailed incident reports that provide context, as well as actionable recommendations and next steps
• Assisting in the creation of detection content and alert signatures, as well as helping tune signatures as needed to improve detection accuracy
• Working closely with customers, responding to inquiries and questions in a timely fashion
• Tracking industry activity, such as new vulnerabilities and threat reports
REQUIRED SKILLS
As a Threat Detection & Response Analyst, the expected skillset should include:
• Excellent understanding of network protocols and operating systems as they relate to threat detection
• Detailed knowledge of the current threat landscape and the TTPs of various threat actors
• Ability to quickly determine the scope of a given threat detected, identifying indicators of compromise, and assessing the criticality of the threat to properly prioritize reporting and response
• High-quality written communication skills, with the ability to document findings for customers in long-form reporting
• Experience reviewing other team member’s work to ensure high standards across the team
• Resourceful self-starter who can work both with a team and independently, when required
PREFERRED EXPERIENCE
Successful candidates for this role may also demonstrate the following experience or skills:
• Ability to write YARA and Suricata signatures; a successful candidate will be able to recognize the qualities of good signatures and create solid signatures for both the YARA and Suricata formats
• Basic or higher proficiency in Malware Analysis
• Ability to write detection logic for a variety of systems, such as SentinelOne, Microsoft Defender for Endpoint, or other endpoint detection and response solutions
• Prior experience working in a SOC or as part of an IR team responding to active threats, with an understanding of which facets of signatures can lead to false positives and how to avoid them
• Basic or higher proficiency in Python, Go, or a similar programming language
COLLABORATION
In terms of working with others, Threat Detection & Response analysts will be expected to:
• Work with teammates to compile customer reports, notifications, and advisories; and clearly communicate what work has been performed and what remains to be completed
• Teach new analysts Volexity’s process and procedures, helping them to develop new skills
• Stay up to date on current security events and threat intelligence, sharing critical news with teammates as it is discovered
Volexity values diversity and is an equal opportunity employer. All employment is decided on the basis of qualifications, merit, and business need.
Apply Now
Apply Now