Threat Security Analyst
San Francisco, CA or Remote (US Only)
Applications have closed
Human Interest
Human Interest makes it easy and affordable to help your employees save for retirement. Human Interest is on a mission to ensure that people in all lines of work have access to retirement benefits.
Social Security, our nation’s retirement safety net, is projected to be insolvent as soon as 2035, making employer-sponsored 401(k) plans the primary retirement savings vehicle in the U.S. Nearly half of all working Americans are not saving enough for their future because they are employed by a company that doesn’t offer a retirement plan. Human Interest is changing that by making it affordable and accessible for small and medium-sized businesses to offer employees a path to financial independence through retirement savings.
Our values are the guiding principles we use to build solutions for plan administrators and participants. They reflect our point of view on what’s important and what’s right:
In it for customers, autonomous & accountable, outcomes driven, inclusive collaboration, and decisive.
Human Interest is currently seeking a Threat Security Analyst to work with its Security Operations Center (SOC) Threat Security Analysts. You will be responsible for the daily triage of alerts from all HI Security platforms. You will handle detection and response for Human Interest clients, Cyber Executive Protection (CEP), and internal business units.
Human Interest is seeking candidates who want to get immersed in the field of cybersecurity by performing mission-critical SOC analysis and Incident Response. We are looking for people who want to learn the best practices of cybersecurity from experienced intelligence professionals and cybersecurity thought leaders. Candidates for this position should have relevant experience in complex analytical roles that include security event investigations, incident response, forensic analysis, malware reverse engineering, report writing, leading projects, leading teams and mentoring.
What you get to do every day
- Work assigned shifts that will include around-the-clock coverage of SOC duties.
- Triage alerts from intrusion detection systems, antivirus, cloud-based services, Windows servers, network infrastructure, data loss prevention systems, and user behavior analytics.
- Detect and analyze malware samples, hacking tools, phishing kits, network packet captures, exploits and network infrastructure associated with adversaries to document and perform hunts for related activity.
- Conduct deep-dive analysis on attacks and share actionable data with partner teams.
- Escalate alerts into incidents based on their severity, including prioritization of the alerts for follow-on incident response activities.
- Provide feedback on process improvements and how to eliminate false positive alerts from the ISIR workflow.
- Identify and track adversary infrastructure and tools by leveraging open source and commercial datasets.
- Identify, document and monitor tactics, techniques and procedures used by threat actors targeting HI and the broader industry.
- Collaborate with Managed Service Providers and clients to handle inbound requests for information during normal duty hours.
- Participate in ongoing skill development to build incident response skills to support complex investigations.
- Interface with our customers for various threats, concerns and issues.
- Collaborate with partner teams to design and maintain systems supporting collection, processing and analysis of raw intelligence and data.
What you bring to the role
- Academic and/or working experience with TCP/IP networking and networking services such as DNS, SMTP, DHCP, etc.
- Advanced knowledge of Windows, macOS and Linux-variant operating systems, including file system structure, system services, and typical behavior of endpoints and servers.
- Advanced knowledge of cloud-based services such as Google GSuite and other SaaS productivity tools.
- Experience with the following security tools, or comparable ones:
  - AWS GuardDuty
  - SIEM: ELK or Splunk
  - NIDS: Darktrace
  - HIDS or EDR/XDR: Sophos
  - DLP and SOAR tools
- Good understanding of Incident Response Handling procedures, Cyber Kill Chain and the MITRE ATT&CK framework.
- Ability to work both independently and collaboratively with peers, across teams, and with management.
- Excellent analytical skills.
- Excellent communication, presentation and listening skills.
- Excellent organizational and time-management skills, and the ability to multitask and prioritize.
- Flexibility and adaptability to change.
- Formal cybersecurity training or certifications in relevant fields including incident response, intrusion analysis, penetration testing or hands-on system administration is a plus.
- Excellent customer service skills.
- Bachelor’s Degree in Computer Science, Information Systems, Electrical Engineering, Computer Engineering, associated Cybersecurity field of study, or equivalent experience.
Please feel free to apply to this position even if you do not meet 100% of the requirements listed above.
About Human Interest:
We’re a high-growth, Series D-funded company that’s changing the retirement industry. Human Interest is seeking to build a best-in-class product to help small businesses give their employees a path to financial independence. Named one of America’s Best Startup Employers by Forbes, one of the Best Places to Work by the San Francisco Business Times, and a 2021 Top Company by Y Combinator, we’re looking for incredible talent to help us achieve our mission: ensuring people in all lines of work have access to retirement benefits. Human Interest has raised $305M and is backed by leading investors that include TPG (The Rise Fund), SoftBank, Glynn Capital, NewView Capital, USVP, Wing, Uncork, and others.
Inclusive collaboration makes us a better business
We deliberately build processes to create a workplace where all are welcome and accepted. We're proactive and purposeful in prioritizing diversity and inclusion internally not only because it's the right thing to do, but also because we believe it's the only way to effectively create products and services that can be truly helpful to all people.
Human Interest is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran or military status, pregnancy, or any other characteristics protected under federal, state, or local laws.
Human Interest employees must adhere to the Company’s security policies and Code of Ethics.
Please note Human Interest does not accept unsolicited resumes from any source other than directly from candidates. We will not consider resumes from vendors including and without limitation search firms, staffing agencies, fee-based referral services, and recruiting agencies.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
https://humaninterest.com/disclosures
We comply with CCPA guidelines.