Security Operations Analyst, Huntress

• 2+ years experience in a SOC or Digital Forensics (DFIR) role
• Demonstrated experience with Windows, Linux, and MacOS as an attack surface
• Demonstrated experience with basic Threat Actor tools and techniques: (MITRE ATT&CK Framework, PowerShell & Command Prompt Terminals, WMIC, Scheduled Tasks, SCM, Windows Domain and host Enumeration Techniques, Basic Lateral Movement Techniques, Basic Persistence Mechanisms, Basic Defense Evasion Techniques, other offensive/Red Team TTPs)
• Demonstrated experience with static and dynamic malware analysis concepts
• Working knowledge of Windows Administration or Enterprise Domain Administration
• Active Directory, Group Policy, Domain Trusts, etc
• Working knowledge of core networking concepts
• Common ports/protocols, NAT, Public/Private IPs, VLANs, etc
• Working knowledge of web technologies and concepts
• Web servers/applications, OWASP top 10, etc
• Effective communication skills, with the ability to explain complex events to less technical audiences, enabling effective cross-functional collaboration within the SOC and across departments
• Dedicated to prioritizing and addressing customer needs and concerns in all decision-making processes
• A strong sense of curiosity and a genuine excitement for learning

Desirable

• Reports to: Manager, Security Operations Center
• Huntress is looking for a Security Operations Center Analyst to add to our growing team
• In this role, you will get to triage, investigate, respond, and remediate a variety of intrusions on a daily basis
• You’ll be surrounded by passionate individuals who are mission-driven to help protect companies around the world from cyber-attacks and will have daily opportunities to progress your analyst skillset and accelerate your career growth
• The Huntress Security Operations Center is an elite team of individuals who wake up every day to combat threat actors
• You will have daily opportunities to progress your analysis skills while being at the forefront of what’s happening in the wild
• If you’re looking to accelerate your career and skills, this is the team for you!
• Triage, investigate, and respond to alerts from the Huntress platform
• Perform tactical review of EDR telemetry, log sources, and forensic artifacts to determine the root cause of attacks where possible and provide remediations needed to remove the threat
• Perform tactical malware analysis as part of investigating and triaging alerts
• Investigate suspicious Microsoft M365 activity and provide remediations
• Assist in escalations from the Product Support team for threat-related and SOC-relevant questions
• Contribute to detection engineering creation and tuning efforts
• Contribute to projects focused on driving better outcomes for our analysts and partners
• Contribute to our collaboratively mentored team (we're all here to make each other better!)