Threat Analyst II at VMware Carbon Black

| Greater Boulder Area
Sorry, this job was removed at 3:07 p.m. (MST) on Thursday, September 3, 2020
Find out who's hiring in Colorado.
See all Operations jobs in Colorado
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Job Description


VMware Carbon Black’s Managed Detection service consists of world class security experts who are responsible for monitoring and validating security events in real time. This includes following procedures to triage and investigate security alerts and provide product specific remediation assistance.  We are seeking a Threat Analyst II to join our team. 


The Threat Analyst II will be responsible for researching confirmed security events in depth, maturing processes, creating and improving automation and other tools, product improvements, and the mentorship and professional growth of junior analysts. The Analyst will also have opportunities to receive mentorship for professional growth from more senior members of the team. The analyst will have involvement with evaluating new security technologies, incident response, penetration testing and the freedom to try out new ideas and technologies to improve the SOC.


What You'll Do


  • Performs endpoint security monitoring, security event triage, and incident response to detect and respond to advanced threats

  • Identifies potential gaps and offers solutions to include internal team needs, product improvements and client security posture

  • Coordinates with other team members and management to investigate, document and report incidents

  • Collaborate with our Threat Analysis Unit to provide in depth reports of confirmed security incidents and produce technical threat advisory broadcasts about new and emerging threats

  • The analyst will be responsible for providing training and mentorship to junior analysts to assist with their professional development goals. This will include developing relevant training exercises and classes with the assistance of the leadership team

  • The analyst will be part of a rotating SOC shift and will need to manage their schedule accordingly so as to ensure there is coverage during SOC shifts

  • Work with security engineering teams to validate detection effectiveness as well as identifying detection improvements

  • Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems

  • Perform regular reviews of alert tickets handled by junior analysts

  • Act as senior level analyst to Tier 1 analysts, providing guidance as a product subject matter expert to ensure that remediation recommendations are accurate

  • Monitors and analyzes EDR and Security Information and Event Management (SIEM) to identify security issues for remediation.

  • Provides recommendations, creates, modifies, and updates EDR and Security Information Event Management (SIEM) tool rules

  • Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets

  • Take on Security Operations responsibilities when not on a SOC shift: this includes but is not limited to documentation, basic malware analysis, exceptions tracking, security tool management, tuning, and configuration, along with metrics and reporting.

  • Be a primary for or support ongoing projects by assisting in the automation, implementation, testing and documentation of security related projects


Technical Skills


Operating System Skills:

Beginner to intermediate skills in Windows, macOS, and/or Linux

Basic Scripting Skills:


Experience with any of the following:

Unix/Linux Shell scripts, Python, Go, PowerShell, C++, C#, Perl


Technology Experience:



  • Firewalls (e.g. PaloAlto Networks, Checkpoint, Cisco ASA, Juniper SSG, PFSense, etc..)

  • Experience with threat hunting

  • Log Management and SIEM (e.g. Splunk, IBM QRadar, HP ArcSight, LogRhythm)

  • Network Analysis Tools (e.g. Netwitness, Wireshark)

  • System Analysis and Forensic Tools (e.g. FTK, EnCase)

  • Endpoint Security (e.g. Carbon Black Endpoint Standard, Carbon Black Enterprise Protection, Carbon Black Enterprise Response, Symantec, McAfee, Forefront)

  • Windows Management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy)

  • Penetration Testing Tools (e.g. Metasploit, Kali)

  • Regulatory Regimes a plus (e.g. GDPR, ISO27K, SSAE16, HIPPA, PCI, FISMA)


What You'll Bring


  • BS/BA degree in Computer Science, Information Systems, related discipline or equivalent experience.

  • 3-5 years of professional work experience in the cybersecurity industry

  • The ideal candidate will have macOS and Windows operating system experience, as well as scripting skills. Linux/Unix skills are a plus.

  • Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan

  • Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats

  • Ability to work efficiently and self motivate with little to no supervision

  • Certifications a plus: CISSP, SAN GIAC Certifications (GCIH, GPEN, GSEC, etc.)

  • Strong written and verbal communications skills with an ability to present technical risks and issues to technical and non-technical audiences internal and external to the organization



Category : Engineering and Technology
Subcategory: Information Security
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2020-07-14

VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at

Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • ScalaLanguages
    • HTMLLanguages
    • D3JSLibraries
    • ReactLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • MySQLDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • WordpressCMS
    • SalesforceCRM
    • MarketoLead Gen


Located in the Pearl Street Mall, it’s a prime location for employees who like to hike, enjoy great restaurants, or love to grab pints at the brewpub.

An Insider's view of VMware Carbon Black

What projects are you most excited about?

The endpoint security market is fast-paced, always changing, and exciting. We're constantly innovating to keep up with what the market needs, which means we're always learning. Working at CB has allowed me to move to Boulder to help start our new office. This is an experience I probably won't get many times in my career.


Manager, Sales Development

What does career growth look like on your team?

We consider the Sales Development Representative Program an important first step in building out the foundation of a future leader. Whatever your first steps are at Carbon Black won’t be your last. Our program isn’t just about getting SDRs to be a good quota carrying rep; it’s also about helping them develop the next best step in their careers.


Director, Inside Sales

How do you make yourself accessible to the rest of the team?

My leadership style is all about empowering my teams. I work in a way that is transparent and honest and want to help people achieve personal and professional goals. I want to foster technical abilities and make sure our people are keeping up with the leading-edge technologies.


VP of Engineering & Operations

What are some social events your company does?

Our culture club, Life at CB, focuses on a range of events. From company parties, employee communities, and sports leagues to philanthropy and learning and development, there's a ton of ways we get together and grow.


Sr. Talent Brand Ambassador

What are VMware Carbon Black Perks + Benefits

Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Diversity manifesto
Someone's primary function is managing the company’s diversity and inclusion initiatives
Mean gender pay gap below 10%
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Team workouts
Acme Co.'s team fitness initiatives include Sponsored race teams.
Retirement & Stock Options Benefits
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Recreational Clubs
Relocation Assistance
For some roles, we will offer relocation assistance.
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
More Jobs at VMware Carbon Black3 open jobs
All Jobs
Dev + Engineer