Security Analyst Remote Jobs in Virginia (US)
This page tracks remote security analyst openings that are location-eligible for Virginia.
Open jobs
1,517
Hiring companies this week
9
Salary sample
$90,000 - $190,000
Jobs added last hour
0
1517 Jobs
978 Companies
• Partner with engineers and security SMEs to design, improve, and implement Identity and Access Management (IAM) solutions for VA.gov products
• Analyze security metrics and access management trends to inform how the program approaches security architecture
• Develop and document requirements for IAM solutions including identity lifecycle, role management, separation of duties, and access workflows
• Build and maintain logging and monitoring solutions using Splunk, Loki, and/or AWS CloudWatch
• Develop use cases and test cases, and participate in SIT/UAT testing
• Operate as a domain expert: teams will lean on you for both functional and technical guidance on security and IAM
• Support the Security Collab Cycle, ensuring teams building products and features on VA.gov are doing so in alignment with Platform security standards and best practices
Improving the future and protecting lives is an ambitious mission, but it’s what we do. As a leading aerospace, defense, and security company, we work together to deliver a full range of products and services for air, land, space, and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. How we work is rooted in purpose – a purpose to protect those who protect us, to unite our community of colleagues and customers, and to drive forward the growth and development of our exceptional team members. It's where purpose connects.
Job Description
BAE Systems Cybersecurity - Attack Surface Management has an opening for a Red Team Analyst Sr to improve overall security posture through authorized offensive security projects that identify gaps in IT security controls and processes. The position will manage cross-functional engagements that include IT service centers, business sectors, and the security operations center. Scope can include the BAE Systems, Inc. core network, business/program enclaves, and commercial and custom applications. The position manages engagements end-to-end, including scope definition, detailed planning, stakeholder coordination, testing, reporting, and remediation coordination. This is an exciting opportunity to build and manage a program and work with a highly motivated team of cyber security professionals.

Required Education, Experience, & Skills
Technical requirements:
- Expertise in attack tools and techniques
- Ability to use and analyze information produced from various commercial and open source tools
- Familiarity with large network infrastructure components (load balancers, proxies, hybrid cloud implementations, VPNs)
- Familiarity with network and host-based security system components (firewalls, endpoint protection solutions)
- Familiarity with modern virtualization platforms and technology
Required Skills
- Experience managing red team projects from end-to-end (initial planning through remediation coordination)
- Ability to coordinate activities with a wide range of stakeholders
- Experience developing plans, creating reports, presentations, processes, etc.
- Must be able to work across IT organizations to drive successful outcomes of the program
- Ability to produce documentation in support of the program

Preferred Education, Experience, & Skills
- Computer Security related degree
- 6+ years in a cybersecurity role, 3+ years in red team
- Certifications related to red team and penetration testing such as OSCP, OSCE, OSWP, OSWE, GPEN, GWAPT, GXPN, GAWN
- Experience with COTS adversary emulation tools

Primary Duties and Responsibilities
- Develop standard Red Team practice within ESS Cybersecurity. Define core processes, tools, and deliverables.
- Simulate attacks on the organization's IT systems, networks, applications, and physical security to evaluate its security posture. Identify weaknesses that could be exploited by malicious actors and provide actionable recommendations to improve defenses.
- Work under consultative direction from management within Cybersecurity. Develop and implement plans and work with stakeholders independently to plan and execute activities.
- Develop detailed project plans that define technical approaches as well as impacts and requirements for stakeholders throughout the organization.
- Technical approaches may require a high degree of creativity and flexibility. Problems may be highly complex. Testing may often uncover unknown/unforeseen circumstances that require a change in direction or new approaches. The position requires the ability to independently make sound decisions to maximize the effectiveness of tests.
- Must be able to maintain strong working relationships with stakeholders throughout the organization, including IT Operations, Applications, Network, GSOC, business sectors, etc. Stakeholders may be sensitive that simulated attacks may impact business operations. The position requires careful and responsible decisions regarding test approaches, and frequent and effective communication with stakeholders.
- Consult with stakeholders on findings and required actions to improve defenses. Develop and maintain detailed tracking that identifies scope, tests completed, and findings. Work with stakeholders to ensure findings are remediated.
- Serve as the Team Lead for the Red Team function within ESS Cybersecurity. Provide leadership and support to other Red Team Analysts on the team. Coordinate activities and ensure high-quality delivery.
- Promote a culture of ownership, transparency, and results-driven performance.

Pay Information
Full-Time Salary Range: $132,962 - $226,035
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.
Empowering all teams to deliver and control their software.
• Collaborate with stakeholders to design and operate security controls that comprise the LaunchDarkly GRC program
• Use technology to automate compliance activities like gathering evidence and verifying controls
• Operationalize the health and maturity of the program by tracking metrics based on quantitative and qualitative data
• Drive progress towards results for GRC-related continuous improvement projects
• Contribute to documentation for security standards, policies, and processes
• Support audits and assessments with internal and external stakeholders
• Work with product and infrastructure delivery teams on engineering projects related to GRC requirements
Role Description
The member milestones specialist supervisor is responsible for overseeing the operation of the member milestones team.
- Annually determine the number of specialists needed to hire based on anticipated returning specialists.
- Conduct hiring with the director of alumnae engagement to fill open team member positions.
- Assign member milestone specialists to 50- and 75-year members to be contacted.
- Serve as the main point of contact for member milestone specialists.
- Onboard and train member milestone specialists as needed.
- Host a call for all member milestone specialists two additional times per year to get the team together at the mid-program and end-of-program timeframe.
- Ensure that member milestone specialists are contacting their assigned 50- and 75-year members.
- Meet monthly with the director of alumnae engagement to address specialist progress, items of concern or recommend updates to the member milestones program.
- Conduct research on lost members to obtain a more accurate membership database.
- Follow up with members as you receive communication back from them.
- Send the provided card to 50- and 75-year members as assigned by the member milestones team leader and include a personalized celebratory message.
- Update the shared member milestones document on a timely basis to provide information, including but not limited to the type of contact made, updated member contact information and deceased member updates.
Qualifications
- Communication.
- Teamwork.
- Critical Thinking.
- Experience supervising others.
Requirements
- This role is appointed for a one-year term ending on July 31, 2027.
- This role requires four to ten hours per week on average.
- No travel is expected for this role. Any changes in travel expectations will be communicated to volunteers.
- Meet all expectations as outlined in Gamma Phi Beta’s Appointed Volunteer Expectations Agreement.
Sparrow, legally known as TrySparrow.com, Inc., is a software company that partners with employers to manage all types of employee leave, like family and medica
Role Description
As a member of the Population Health Service Organization (PHSO), the Population Health Specialist (PHS) will play a vital role in the redesign of integrated care for Sparrow Care Network (SCN). The PHSs will provide needed support in assisting with pro-active outreach to patients, often serving as the initial point of contact.
- Coordinate low-to-moderate risk outreach in the form of Provider-Delivered Care Management (PDCM) or Emergency Department (ED)/Transitional Care Management (TCM) calls post-discharge.
- Assist with resource referrals as needed and screen patients for additional needs.
- Work remotely within the PHSO office, providing ongoing telephonic support for individuals needing episodic care management.
- Possess a strong understanding of scheduling workflows and communicate effectively with all team members.
- Adapt to working offsite and support multiple practices.
Qualifications
- Completion of a nationally or internationally accredited program in self-management support concepts and techniques within 12 months of assuming this position if not completed prior to being hired.
- Certified Medical Assistant - preferred.
- National case management certification - preferred.
- Minimum of 1 year of medical or case management experience.
- High school diploma or GED.
- Completion of a Medical Assistant (MA) program.
Requirements
- Demonstrates excellent clinical knowledge, skills, and judgment.
- Excellent communication skills including emotional intelligence, relationship building, negotiation, conflict resolution, persuasion, marketing, and patient advocacy.
- Ability to proactively and creatively problem solve.
- Ability to prioritize, organize, handle many tasks simultaneously, work autonomously, and manage time.
- Ability to work in stressful situations and manage conflict.
- Ability to work in an EMR environment.
- Knowledge and demonstrated ability to collect, analyze, and utilize data for process improvement - preferred.
- Experience with an EMR - preferred.
- Proficiency in Microsoft Excel - preferred.
- Knowledge of case management including health care finance, hospital and community resources, discharge planning, utilization review, utilization management, ethical case management principles, and evidence-based practice concepts - preferred.
Company Description
University of Michigan Health-Sparrow is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Bringing peace of mind through better health to our customers and communities
Role Description
We’re looking for an individual who has a strong interest in cybersecurity and brings curiosity and evolving techniques to help identify and analyze potential threats. Your skills will support our team’s ability to detect and respond to cyber attacks; experience with cloud security is a plus! As a Cyber Threat Hunter, you’ll play an important role in helping us stay ahead of emerging threats. As a valued member of the team, you will contribute to identifying, analyzing, and mitigating cyber threats to help protect our organization’s assets and data. Our team is composed of individuals from various backgrounds and experiences, fostering a rich and inclusive culture where everyone’s voice is heard and valued. Every day brings new and exciting challenges. You’ll have the opportunity to build your skills, solve complex problems, and grow your capabilities in a dynamic cybersecurity environment. To be successful in this role, you’ll bring a solid foundation in cybersecurity principles, an analytical mindset, and a willingness to learn and collaborate. Experience with threat detection tools, incident response processes, or cloud environments will help you stand out.
Note: Sponsorship is unavailable for this role. This is a remote, work-from-home position, but the final round of interviews will take place on-site in our Chattanooga, TN office.
Qualifications
- Bachelor's Degree in a Computer Science-related field or equivalent work experience
- 3 years of experience in Information Security required
- 1 year of experience with information technology concepts, terminology, and standards required
Requirements
- Common knowledge of malicious code (worms, viruses, spyware, etc.)
- Understanding of security methodologies for Windows / Linux / Unix operating systems
- Knowledge of TCP/IP, UDP, and ICMP
- Working knowledge of the OSI Reference Model
- Knowledge of networking components (routers, switches, load balancers, wireless access points, etc.)
- Knowledge of Information Security components (IPS, IDS, WAF, SIEM, etc.)
- Knowledge of vulnerability assessments
- Knowledge of security incident handling
- Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles, and accountability
- Proficient in Microsoft Office (Outlook, Word, Excel, and PowerPoint)
- Must be a team player, be organized, and have the ability to handle multiple projects
- Excellent oral and written communication skills
- Strong interpersonal and organizational skills
Company Description
BCBST BlueCross BlueShield of Tennessee, Inc. is committed to recruiting, hiring, training, and promoting individuals in all job classifications without regard to race, religion, color, age, sex, national origin, citizenship, pregnancy, veteran status, sexual orientation, physical or mental disability, gender identity, or any other characteristic protected by applicable law. Further information regarding BCBST's EEO Policies/Notices may be found by reviewing the following page: BCBST's EEO Policies/Notices. BlueCross BlueShield of Tennessee is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at BlueCross BlueShield of Tennessee via email, the Internet, or any other method without a valid, written Direct Placement Agreement in place for this position from BlueCross BlueShield of Tennessee HR/Talent Acquisition will not be considered. No fee will be paid in the event the applicant is hired by BlueCross BlueShield of Tennessee as a result of the referral or through other means.
A leading provider of risk and compliance solutions, DFIN - Donnelley Financial Solutions offers data insights, industry expertise, and insightful technology to
Title: Sr Cyber Threat Analyst
Location: US
Department: Information Technology
Job Description: Join a dynamic team at the pulse of global markets, where we deliver innovative software and service solutions for essential financial reporting and capital markets transactions. At DFIN, we are a values-driven organization that empowers you to build a fulfilling career while bringing your authentic self to work every day. Our “Win as One” mentality ensures that our team’s success is directly linked to Client, Shareholder and Employee Satisfaction. Recognized as one of AMERICA'S MOST LOVED WORKPLACES® for five consecutive years and a Built In Best Places to Work for six years, we are committed to our employees’ total well-being. Enjoy competitive compensation, a flexible workplace, comprehensive benefits, and opportunities for professional growth. Bring your passion and talents to DFIN – because being YOU thrives here.
Summary: The Senior Cyber Threat Analyst will lead efforts to investigate cybersecurity incidents from end-to-end, engaging and coordinating peer teams, stakeholders, and external entities as necessary. This person will play the role of subject matter expert in the areas of incident response, threat hunting, and forensics. The Senior Cyber Threat Analyst will author incident response runbooks and mentor cyber threat analysts in incident response and digital forensics methodologies.
Responsibilities:
- Lead incident response activities to identify, assess, contain, and mitigate all observed threats, and document all investigational efforts for multiple audiences
- Develop and operationalize incident response runbooks with an emphasis on automation and the ability to measure incident response effectiveness (develop/track KPIs)
- Document and track incident response investigations, including observed IOCs and TTPs, system(s) impacted, criticality and scope of any data exposure, lessons learned, and follow-up items
- Act as a liaison between a diverse group of teams including engineering, security, and network & system operations to ensure effective adoption of incident response requirements and operational considerations
- Act as incident manager for all declared cyber security incidents
- Conduct traditional forensic and data acquisition activities utilizing industry-standard commercial and open-source toolsets
- Identify, analyze, and interpret trends or patterns in complex data sets
- Work with the functional business areas as needed during incident response investigations
- Develop, customize, and maintain reporting around key metrics related to investigational and threat hunting activities
- Serve as a trusted advisor to the Team Lead, Manager, SVP, and CISO on sensitive matters warranting confidentiality
- Communicate and present issues/investigation results to peer and executive-level audiences
- Demonstrate subject matter expertise across most technology domains
- Perform other duties as assigned
Qualifications:
- Bachelor’s degree with 8+ years of relevant experience or 10+ years of equivalent experience through work and education
- 8+ years of cybersecurity investigation and incident response experience
- Strong understanding of operating systems (Windows, macOS, Linux, Unix, mobile)
- Experience investigating incidents in cloud environments (SaaS, PaaS, and other cloud platforms)
Preferred Qualifications:
- Security certifications (e.g., CISSP, GSEC, GCFA, GCFE)
- Strong analytical and problem-solving skills
- Knowledge across cybersecurity domains, including firewalls, IDS, and network security platforms
- Experience leveraging threat intelligence in security operations
- Advanced knowledge of cyber attack techniques and mitigation strategies
- Ability to assess risk using qualitative and quantitative methods
- Strong communication skills for technical and leadership audiences
- Proven ability to handle confidential data and follow procedures
- Ability to perform effectively in fast-paced, high-pressure environments
- Expertise in incident response, digital forensics, network traffic, log, and malware analysis
- Familiarity with MITRE ATT&CK and ATLAS frameworks
- Experience with SIEM, SOAR, and EDR tools for detection and response
It is the policy of Donnelley Financial Solutions to select, place, and manage all its employees without discrimination based on race, color, national origin, gender, age, religion, actual or perceived disability, veteran status, actual or perceived sexual orientation, genetic information or any other protected status. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access jobs.dfinsolutions.com as a result of your disability. You can request a reasonable accommodation by sending an email to talentacquisition@dfinsolutions.com.
At DFIN, protecting your identity is a top priority. Please be aware of scammers impersonating DFIN recruiters. DFIN recruiters will never request personal information via email or text. You will only receive a text from us if you've already been in contact. All automated messages will come from talentacquisition@dfinsolutions.com. If you ever have doubts about the legitimacy of any communication from us, please do not hesitate to reach out for verification via talentacquisition@dfinsolutions.com (this email is for general TA questions and is not used for updates on your application status).
All candidates must meet the following criteria: Must be a US Citizen with no dual citizenship. Must be able to secure a Public Trust clearance. Must be able to work across multiple programs in the Federal and DoD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Role Description
The Senior SOC Analyst is responsible for advanced security monitoring, investigation, and incident response activities within the Everforth Security Operations Center (SOC). This role serves as a senior technical resource within the analyst team, responsible for leading complex investigations, mentoring junior analysts, and ensuring high-quality incident analysis across enterprise environments. The Senior SOC Analyst plays a critical role in identifying sophisticated threats, escalating security incidents, and improving SOC investigative capabilities. This role reports to the SOC Manager and works closely with the Security Engineering team, enterprise IT operations teams, and the Everforth Commercial MSSP to ensure effective monitoring, investigation, and response across the enterprise.
Responsibilities
- Advanced Threat Investigation: Conduct in-depth analysis of complex security alerts, anomalies, and potential threat activity across enterprise environments.
- Incident Response Support: Lead investigation and response activities for confirmed or suspected cybersecurity incidents affecting enterprise systems.
- Alert Triage and Escalation: Perform detailed triage of security alerts and escalate validated incidents according to established procedures.
- Investigation Leadership: Serve as the lead analyst during significant investigations, coordinating investigative efforts and guiding response activities.
- Threat Analysis: Analyze indicators of compromise, attacker behavior, and malicious artifacts to determine the scope and impact of security incidents.
- Detection Engineering: Develop and refine detection logic, analytics, and monitoring use cases based on investigative findings and threat intelligence.
- Threat Hunting: Conduct proactive threat hunting activities to identify adversary behavior not detected through automated alerts.
- MSSP Escalation Handling: Review and validate alerts and escalations originating from the MSSP after-hours monitoring team.
- Investigation Documentation: Ensure thorough documentation of investigations, findings, and response actions within the SOC case management platform.
- Operational Quality Assurance: Support the SOC Manager in maintaining investigation quality and adherence to SOC playbooks and procedures.
- Operational Effectiveness: Lead the design and implementation of SOC process improvements through automation, AI-driven solutions, workflow optimization, and continuous enhancement of detection and response capabilities.
- Operational Collaboration: Work closely with IT operations, infrastructure teams, and security engineering to support investigation and remediation activities.
- Knowledge Sharing: Mentor junior SOC analysts and provide guidance on investigative techniques, threat analysis, and incident handling procedures.
- Situational Awareness: Maintain awareness of emerging threats, attacker tactics, techniques, and procedures relevant to enterprise environments.
- Playbook Execution: Execute established SOC investigation playbooks and contribute to the refinement of operational procedures.
- On-Call Support: Participate in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.
Qualifications
- Experience: Minimum of 5 years of cybersecurity experience, with at least 3 years in a Security Operations Center or incident response role.
- Security Investigation Expertise: Strong experience investigating security alerts, analyzing suspicious activity, and determining the scope and impact of security incidents.
- Incident Response Experience: Hands-on experience supporting incident response investigations including containment, eradication, and recovery coordination.
- Security Technology Experience: Experience working with enterprise security tools such as SIEM platforms, EDR platforms, and log analysis systems.
- Threat Analysis Skills: Ability to analyze indicators of compromise, attacker behaviors, and adversary techniques during investigations.
- Log Analysis Expertise: Strong experience reviewing and interpreting system logs, endpoint telemetry, network events, and authentication activity.
- Detection Engineering Experience: Experience developing or tuning detection rules, analytics, or monitoring logic used to identify malicious activity.
- Security Framework Knowledge: Familiarity with cybersecurity frameworks such as the NIST Cybersecurity Framework or CIS Critical Security Controls.
- Investigation Documentation: Experience documenting investigations, incidents, and response actions within case management platforms.
Requirements
- Able and willing to obtain a US Security Clearance.
- This role may require occasional on-call support during off-hours to respond to security incidents.
All candidates must meet the following criteria: Must be a US Citizen with no dual citizenship. Must be able to secure a Public Trust clearance. Must be able to work across multiple programs in the Federal and DoD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Role Description
The SOC Analyst is responsible for enterprise security monitoring, alert investigation, and incident response activities within the Everforth Security Operations Center (SOC). This role supports the continuous monitoring of enterprise systems and security telemetry to identify potential threats and suspicious activity. SOC Analysts perform investigative analysis of security alerts, participate in incident response activities, and contribute to detection engineering efforts that improve the organization's ability to detect malicious activity. This role reports to the SOC Manager and works closely with Senior SOC Analysts, the Security Engineering team, enterprise IT operations teams, and the MSSP to ensure effective monitoring, investigation, and response across the enterprise environment.
Responsibilities
- Security Monitoring: Monitor enterprise security telemetry and alerts generated by security platforms to identify potential threats or suspicious activity.
- Alert Investigation: Conduct investigations of security alerts to determine legitimacy, scope, and potential impact to enterprise systems.
- Incident Detection: Identify indicators of compromise, malicious behavior, and suspicious activity within enterprise environments.
- Incident Response Support: Support investigation and response activities during confirmed or suspected cybersecurity incidents.
- Threat Analysis: Analyze security telemetry, logs, and alerts to determine attacker behavior, indicators of compromise, and potential attack vectors.
- Detection Engineering Support: Contribute to the development and refinement of detection rules and monitoring analytics based on investigation findings.
- Threat Hunting: Participate in proactive threat hunting activities to identify adversary behavior that may not be detected through automated monitoring.
- MSSP Escalation Review: Review and investigate alerts escalated by the MSSP after-hours monitoring team.
- Investigation Documentation: Document investigations, findings, and response actions within the SOC case management platform.
- Operational Effectiveness: Contribute to SOC process improvements by supporting automation efforts, implementing AI-assisted workflows, identifying efficiency opportunities, and helping enhance detection and response operations.
- Playbook Execution: Execute SOC operational playbooks and investigation procedures during alert triage and incident response.
- Operational Collaboration: Work closely with IT operations, infrastructure teams, and security engineering to support investigation and remediation activities.
- Continuous Improvement: Identify opportunities to improve monitoring coverage, investigation processes, and detection capabilities.
- On-Call Support: Participate in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.
Qualifications
- Minimum of 3–5 years of cybersecurity experience, with experience in security operations, threat monitoring, or incident response environments.
- Experience monitoring security alerts and investigating suspicious activity using enterprise security tools.
- Ability to analyze security alerts, logs, and telemetry to determine potential malicious activity.
- Experience working with enterprise security tools such as SIEM platforms, endpoint detection and response (EDR), and log analysis tools.
- Experience reviewing system logs, authentication activity, endpoint telemetry, and network security events.
- Understanding of basic incident response processes and investigation workflows.
- Familiarity with common attacker techniques and indicators of compromise.
- Familiarity with cybersecurity frameworks such as the NIST Cybersecurity Framework or CIS Critical Security Controls.
- Experience documenting investigations and response actions in case management platforms.
Requirements
- Able and willing to obtain a US Security Clearance.
- This role may require occasional on-call support during off-hours to respond to security incidents.
Managed endpoint protection, detection and response for the 99% who need it most.
Role Description

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

- Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions.
- Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported.
- Responsible for creating reports for marketing to show Huntress’ value to the larger community.
- Promote Huntress’ reputation through media interaction, public speaking, and blogs.
- Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap.
- Provides technical leadership for some members of the Security teams.
- Supports the professional development of researchers and others in the organization through coaching and mentorship.
- Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources.
- Responsible for blog posts and other marketing materials regarding threat trends.
- Excellent written and verbal communication skills.
- Familiarity with utilizing AI in workflows.

Qualifications

- Minimum of 5 years of experience in the field of Threat Intelligence.
- Experience with SIEM tools for scaled log analysis.
- Familiarity with detection engineering and detection logic, e.g., Sigma rules.
- Experience researching and scoping threat hunt missions.
- Understanding of cybersecurity, threat actors, and the end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits.
- Experience with 3rd-party intelligence tools, feeds, and reputation services.
- Experience conducting OSINT gathering and analysis.
- Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have).
- Proficient knowledge of Windows and/or macOS subsystems and how they interact at both the user and kernel level (nice to have).

Requirements

- Excellent written and verbal communication skills.
- Familiarity with utilizing AI in workflows.

Benefits

- 100% remote work environment, since our founding in 2015.
- Generous paid time off policy, including vacation, sick time, and paid holidays.
- 12 weeks of paid parental leave.
- Highly competitive and comprehensive medical, dental, and vision benefits plans.
- 401(k) with a 5% contribution regardless of employee contribution.
- Life and Disability insurance plans.
- Stock options for all full-time employees.
- One-time $500 reimbursement for building/upgrading home office.
- Annual allowance for education and professional development assistance.
- $75 USD/month digital reimbursement.
- Access to the BetterUp platform for coaching, personal, and professional growth.
SIEM, Microsoft Windows, AI, AWS, Cyber Security, Excel