Security Analyst

US-Remote

Applications have closed

The Basics:

The Security Analyst role provides candidates with hands-on experience performing analysis and remediation of information security events. In addition to investigating events, candidates will be responsible for making improvements to existing detection and prevention controls through process and technology improvements, including the use of automation platforms. Candidates are expected to question the status quo to identify opportunities for continuous improvement and are enabled to take action to ensure the effectiveness of a distributed security program operating within DevOps centric workflows.

What you'll do:

  • Drive continuous improvement across all aspects of Security Operations
  • Perform daily event and incident triage (e.g., malware triage, network analysis, live response, etc.)
  • Develop and maintain security operations processes & documentation (e.g., runbooks, operating procedures, etc.)
  • Assist with the analysis and remediation of security incidents
  • Enhance detection and prevention controls (e.g., logic updates, exclusions, etc.)
  • Collaborate on design, architecture, and threat models to incorporate detection and monitoring requirements
  • Collaborate on response, containment, and remediation for confirmed security incidents
  • Work with different operating systems and cloud hosting providers (e.g., AWS, GCP, Azure, OCI)
  • Develop automation playbooks to improve the efficiency of operation processes
  • Seek opportunities for continuous improvement and drive efficiency
  • Maintain working knowledge of attacker tactics, techniques, and procedures (TTPs)
  • Maintain event collection environment through health monitoring

We’re looking for someone with:

  • Education
    • Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
  • Required Experience
    • 2+ years working in an information technology role
    • Familiarity with attacker tactics, techniques, and procedures and means of detection
    • Working knowledge with networking basics, including TCP/IP and layer 7 protocols
    • Working knowledge of modern cloud computing concepts and technologies
    • Excellent communication (verbal and written), critical thinking, and analytical skills
    • Ability to work both independently and as part of a team
  • Preferred Experience
    • Familiarity of security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
    • Familiarity with incident response procedures and processes
    • Familiarity with threat actor tactics, techniques, and procedures (TTPs)
    • Familiarity with the MITRE ATT&CK framework
    • Experience working within a Kanban environment
    • Experience with at least one scripting language (Python or PowerShell preferred)

This position is available for remote workers with flexible working hours but may require occasional work outside of normal business hours.

About Tanium 

Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Operations, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That’s the power of certainty. Visit www.tanium.com and follow us on LinkedIn and Twitter.

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Taking care of our team members 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.   

 

For more information on how Tanium processes your personal data, please see our Privacy Policy

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Automation AWS Azure Cloud Computer Science DevOps GCP Incident response Kanban Malware MITRE ATT&CK Monitoring PowerShell Privacy Python Scripting TCP/IP TTPs

Perks/benefits: Flex hours Flex vacation Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  147  54  2
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.