Threat Ops Analyst

Calling all passionate security defenders!

In your capacity as a ThreatOps Analyst at Ivanti, you will serve as an indispensable member of our ThreatOps team, propelling our cloud security efforts to new heights. Your core role will involve active participation in security incident response, where your deep expertise will be instrumental in effectively managing and mitigating security incidents across both Ivanti's cloud and on-premises environments. Your primary focus will be on reinforcing our security posture, elevating our incident response capabilities, crafting detection content to enhance our security detection mechanisms, and aggregating invaluable threat intelligence. This role stands as a linchpin in safeguarding the resilience and security of Ivanti's infrastructure and services, encompassing both cloud and on-premises aspects.

You'll be responsible for:

• Unearthing both known and unknown threats using your Incident response & Threat Intelligence skills and understanding of attacker tactics (TTPs).
• Taking point on cybersecurity incidents, investigations (external attacks, insider threats, digital forensics), and keeping stakeholders informed through detailed reports.
• Utilizing your deep knowledge of SIEM, EDR, DLP, email threat detection, and cloud platforms (Azure, AWS, GCP) to conduct in-depth investigations.
• Analyzing security logs from various sources to identify and disrupt potential threats before they cause damage.
• Streamlining security operations by automating response tasks for maximum
• Recommending and documenting effective risk mitigation strategies to
• Working seamlessly with Senior Threat Analyst’s, the Incident Response Manager, and the Security Architecture Team.
• Guiding and sharing your knowledge with team

We're looking for someone who:

• Has a bachelor's degree in information systems, MIS, or a related technical
• Boasts 2-3 years of experience in cybersecurity incident response, threat hunting, and/or digital forensics.
• Is a whiz with security tools like SIEM, EDR, DLP, email threat detection solutions, cloud platforms, forensics tools, and network security solutions.
• Understands Windows, Linux, and/or Mac operating systems at a filesystem level and is familiar with the MITRE ATT&CK framework.
• Has a keen eye for spotting anomalous activity, lateral movements, living-off-the-land techniques, and potential intrusions.
• Thrives in a fast-paced environment and possesses excellent organizational and time management skills.
• Can effectively research and develop countermeasures against security
• Has a proven track record of collaborating with internal and external partners to identify and implement effective security practices.

Bonus points for:

• Holding industry-recognized certifications like SANS, Comptia, EC-Council or Blue Team

Ready to join our team of security warriors? Apply today!

#L1-SHUBHANGI