Senior Analyst, Security Operations
LogRhythm is a world leader in NextGen Security Information and Event Management (SIEM), empowering organizations to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. Our platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security orchestration, automation & response (SOAR) in a single end-to-end solution. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant. We are based in Boulder, CO with offices in Maidenhead UK, Australia, Singapore, Germany and The Netherlands.
Opportunity
The Senior Analyst for Security Operations will report directly to the Chief Information Security Officer (CISO). You will be ultimately responsible for protecting our network, systems, applications, and employees from damaging threats to our company and brand. You’ll have access to state-of-the-art technology and intelligence, and you’ll be expected to take full advantage of both to triage threat events, perform threat hunting, and lead incident response. We want our Senior Analyst to be a subject matter expert in security operations, involved in marketing, sales, and public relations for the company and the brand. Our Security Operations Center will set the example for our customers and prospects on what’s possible.
Responsibilities
- Perform event and incident triage, threat hunting, and incident response (including basic malware analysis and forensic investigations).
- Use industry-leading commercial and open source software to detect, evaluate, triage, prioritize, and respond to security events.
- Develop, maintain, and enforce security operations policies, standards, and processes (run books), seeking continuous improvement and driving efficiency.
- Be an escalation point (including on call support) to our managed security services (physical and cyber) as they are used for general triage both during and after business hours.
- Act as a subject matter expert in security operations and support marketing, public relations, sales, business development, and research and development.
- Support research and development, security module creation, automation, and process improvement.
- Support vulnerability management and penetration tests.
- Provide guidance and support to the development of corporate information security policies, standards, and guidelines.
Qualifications
- Security professional with 3-5 years of hands-on, deep technical experience in the industry.
- Security analysis, threat hunting, forensics, flow analysis, and log management experience.
- IDS/IPS management, PCAP carving, file extraction, and long tail analysis experience.
- Strong understanding of attacker tactics, techniques, and procedures.
- Excellent communication skills, both written and verbal.
- Deep understanding of endpoint and network security.
- Strong understanding of SIEM technology and network forensics.
- Experience with or knowledge of vulnerability management and penetration testing of systems, applications, and networks.
- Demonstrable experience with one or more of the following:
  - Python, PowerShell, Bash, PHP, HTML, .NET, C#, C++
- Security certifications are nice to have but not required. A few recommended ones:
  - OSCE, OSCP, GMON, GCED, GREM, GCIA, GCIH, GSEC, CISSP, etc.
- General understanding of industry standards, compliance, and legal guidelines:
  - ISO 27001, NIST 800-53, SOC 2, SSAE 16, SOX, HIPAA, etc.
LogRhythm is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.