Huntress
Managed endpoint protection, detection and response for the 99% who need it most.
Senior Tactical Response Analyst
Location
United States
Posted
66 days ago
Salary
$145K - $165K / year
3 yrs expEnglishAzureCloudJava ScriptLinuxMac OSPHPPythonRubySplunk
Job Description
• Lead or support tactical incident response engagements for customers who already utilize Huntress MDR. Perform live analysis on systems to determine the root cause of an intrusion, and craft reports that summarize the intrusion, with the next steps to be taken
• Research, develop, and test new tooling in the form of automations, scripts, and tools for analysis
• Perform intermediate malware analysis as part of response efforts
• Perform OSINT as part of response efforts
• Contribute to content creation efforts such as blogs, videos, podcasts, and webinars
• Contribute to community-driven projects and frameworks, such as MITRE ATT&CK, HijackLibs, and the LOLBAS Project.
• Speak with customers to explain or summarize findings from investigations
Job Requirements
- 3-5 years working in one or more of the following: SOC, MDR, Threat Hunting, or Incident Response roles
- Experience leading or participating in Incident Response engagements for external customers
- Experience with tools such as osquery, Velociraptor, or leveraging EDRs to perform forensic artifact analysis on systems
- Confident command of forensic tools - such as Ericzimmerman’s EZ tools, RegRipper, Hayabusa, or Chainsaw - and forensic artifacts - such as prefetch, jumplists, shellbags, and more
- Deep understanding of offensive security tradecraft, particularly persistence, lateral movement, credential theft, and remote access.
- Confidently able to track threat actors across an organization and timeline the activity
- Strong familiarity with one or more detection languages such as Sigma, Suricata, Snort, or Yara
- Familiarity with OSINT sources and how they can help answer questions relating to threat actor activity and infrastructure
- Strong familiarity with various query languages such as KQL, EQL, ES|QL, Splunk SPL
- Intermediate malware analysis skills
- Intermediate knowledge of Windows internals
- Intermediate knowledge of Linux and macOS internals is a bonus
- Strong understanding of the current threat landscape, initial access brokers, and ransomware actors
- Passionate and involved with the community through blogs, social media, conferences, etc.
- Experience with scripting (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby)
- Demonstrable experience providing written and/or verbal customer-facing deliverables
- Experience with detection and response in cloud environments such as Microsoft M365/Azure
- Comfortable using Git to contribute to internal projects
Benefits
- 100% remote work environment - since our founding in 2015
- Generous paid time off policy, including vacation, sick time, and paid holidays
- 12 weeks of paid parental leave
- Highly competitive and comprehensive medical, dental, and vision benefits plans
- 401(k) with a 5% contribution regardless of employee contribution
- Life and Disability insurance plans
- Stock options for all full-time employees
- One-time $500 reimbursement for building/upgrading home office
- Annual allowance for education and professional development assistance
- $75 USD/month digital reimbursement
- Access to the BetterUp platform for coaching, personal, and professional growth
Related Guides
Related Categories
Related Job Pages
More Analyst Jobs
Analyst66 days ago
Full TimeRemoteTeam 1,001-5,000Since 2018H1B No Sponsor
Board Certified Behavior Analyst creating impactful ABA programming
Arizona
Analyst66 days ago
Full TimeRemoteTeam 10,001+Since 1954H1B Sponsor
Senior Cost Analyst supporting the Defense Health Agency (DHA) Operational Medicine (OPMED)
Analyst67 days ago
Full TimeRemoteTeam 51-200H1B No Sponsor
Fraud Analyst managing merchant services at FFB Bank
Analyst67 days ago
Full TimeRemoteTeam 51-200Since 2001H1B Sponsor
Media Analyst managing digital campaigns for various clients
