Managed Network Detection and Response (MNDR) Analyst

Company Description

Arista Networks is an industry leader in data-driven, client to cloud networking for large data centre, campus and routing environments. Arista’s award-winning platforms deliver availability, agility, automation, analytics and security through CloudVision® and Arista EOS®, an advanced network operating system.

Job Description

Awake’s mission is to protect companies from advanced cyber-attacks and to help their security teams operate with super-human efficiency. Our approach is simply different than what is available today, and we aim to create a world-class, diverse and enduring capability to help protect the information assets that enrich our world.

Our team is composed of customer focused professionals with best in class industry experience.  Our team of extremely talented and friendly individuals is looking for new members who are passionate, motivated, and most of all enjoy working closely with customers to ensure their success.

Full Time US shift

Responsibilities

• Support Awake Labs Managed Network Detection and Response (MNDR) solution 

• Conduct threat hunting and investigations using Awake’s network traffic analysis platform

• Investigate, document, and report on information security issues and emerging trends 

• Coordinate with other internal Awake Labs analysts or internal departments on activities impacting a diverse customer base

• Conduct network log and network PCAP analysis, malware triage; and other investigation related activities in support of Incident Response investigations

• Assist Awake's clients by advising on and helping to implement incident remediation plans

• Develop code scripts and tools to automate the analysis of forensic artifacts and other MNDR solutions

• Evolve existing Awake Labs methodologies to enhance and improve our DFIR practice

• Assist with client onboarding and monthly reporting calls.

• Provide training, present to small groups, write blogs, and speak at conferences such as Blackhat and BSides

• Write executive and technical reports for client engagements

Requirements

• 3 or more years of Managed SOC experience using network traffic or monitoring technology

• 2 or more years of Managed SOC experience on either network or Endpoint Detection and Response (EDR) technology

• Have the personality of someone who likes to dive into a PCAP, look at the raw hex, and also jump into the protocol RFC/specification document(s) to better understand it

• Ability to parse and read PCAP data using Wireshark or other tools as well as being able to read text-based network logs to identify malicious activity

• Ability to read blogs, conduct research, and convert threat intelligence into detection models

• Understanding of a wide range of network protocols and how they function at their lowest levels

• Proficient with network-based hunting and analysis

• Ability to code scripts in Python, Go, and/or Powershell

• Familiar with Splunk, ELK, and or other SIEM tools

• network traffic with endpoint artifacts with customer environments

• Ability to prioritize and complete multiple tasks with little to no supervision

• Ability to work independently or as part of a collaborative team effort

Other Desired Benefits

• Experience with Awake’s network traffic analysis platform

• Excellent customer-facing skills

• Ability to perform tabletop incident response exercises

• Strong understanding of network security concepts

• Cloud (AWS, Azure, GCP, and O365) DFIR experience

• Advanced Python, Go, C#/.NET and/or Powershell

• Familiar with interacting and/or writing APIs

• CREST Certified in incident response