Senior IR Security Analyst

Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the tenets of modern civilization: running water, functioning electricity, and safe industrial working environments.
The IT Security team is responsible for securing Dragos infrastructure and data. IT security is vital to ensuring a strategic Information Security program that adapts to ever-changing environments, risks, and vulnerabilities.
The Dragos IT Security team is looking for an experienced Information Security Analyst to expand our internal information security team. This role will participate in, and lead projects and programs primarily focused on security monitoring, detection, and response.

Responsibilities

• Lead the planning and design of Dragos’ monitoring, detection, and response infrastructure, including managing partner relationships with vendors and consultants
• Develop and maintain Incident Response playbooks, and participate in information security incidents as a senior member of the incident response team
• Triage, delegate, and escalate inbound information security detections and alerts
• Writing, tuning, and maintaining IDS, SIEM, and EDR detections and rules, including the use of adversary emulation techniques to validate the efficacy of detection rulesets
• Cross-coverage across cybersecurity domains within Dragos as needed

Requirements

• 7+ years of experience in cybersecurity, with 5+ years of experience in security monitoring, detection, and response
• Hands-on experience with writing and maintaining detection rulesets, including but not limited to Sigma, Suricata/Snort, Elastic EKS, Zeek, and Yara
• Experience designing and implementing solutions within a Zero Trust Architecture
• Experience with implementing active deception techniques such as canaries and honeypots
• Security incident response experience

Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization. In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm. Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible. Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks. Diversity, Equity, and Inclusion are core values at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all. We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions. Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical to our success as we defend against adversaries all over the world. The broad range of ideas, experiences, and perspectives is critical to our success. Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.
#LI-PL1 #LI-REMOTE