REMOTE
Schedule: 8:00 pm - 5:00 am ET (Monday - Friday)
- shift work and holiday work are required as part of a 24/7/365 SOC **
About The Role
As a Senior Security Analyst, you will help mitigate our clients’ risk of attack and immediately contain threats that do penetrate their defenses. You’ll provide subject matter expertise on cyber threats, evaluate and report on network traffic and system logs as well as assist in Incident Detection and Response and Vulnerability Management for our Threat Management Solution clients.
Responsibilities:
- Analyze alerts and pivot into log data to identify, escalate, communicate, and contain threats, focusing on the direct interface with the customer's in-house security organization.
- Proactively conduct advanced threat hunting to seek out attacker presence in client environments.
- Continuously learn customer environments to develop a deep understanding of a client’s business drivers and risk appetite.
- Identify attack vectors, threat tactics, and attacker techniques, tailoring findings to meet specific client security needs, including driving the creation and tuning of alerts.
- Review and validate the work of other analysts, serving as a primary liaison with the customer, and ensuring alignment with their security requirements.
- Collaborate closely with internal teams to escalate and resolve issues, refine existing processes, and enhance Standard Operating Procedures (SOPs).
- Create and maintain trusted and strategic advisor relationships with key MDR Security customer stakeholders, including developing success criteria and plans to support monthly and quarterly presentations of measurable trends and outcomes
- Engage directly with clients to understand, anticipate, and capture their needs, concerns, evolving objectives, and scope of operations
- Shift work and holiday work are required as part of a 24/7/365 SOC
Technologies:
- Minimum of 4 years of experience with one or more of the following: Microsoft Defender, CrowdStrike, SentinelOne.
- Advanced knowledge of Intrusion Detection System (IDS) / Intrusion Prevention System (IPS) tools and applications
- Demonstrated experience with 2 or 3 of the following:
- Packet Capture (PCAP) analysis using Wireshark
- Familiarity with commercial or open source log or SIEM solutions
- Event analysis, correlation, reporting and alerting
- Reverse engineering malware and host-based analysis/detection
- Service discovery tools such as nmap
- Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
- Experience with system or network administration (Unix/Linux experience preferred)
- Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, IDS/IPS, and monitoring tool
Knowledge & Skills:
- Degree in Computer Science, Engineering, or a related technical discipline or equivalent work experience
- 5+ years of experience in a SOC Analyst or SOC Advisory position.
- SEC+, CySA+, GSEC, GCIH, GCFA, or equivalent certifications/experience (preferred)
- Strong understanding of cybersecurity fundamentals, threat landscapes, and attacker methodologies (e.g., TTPs, APTs).
- Proven ability to conduct effective incident investigations, threat hunting, and response coordination.
- Excellent analytical and critical thinking skills with a high attention to detail.
- Ability to interpret complex data and communicate findings clearly to technical and non-technical audiences.
- Experience collaborating with clients or stakeholders to align security priorities with business objectives.
- Skilled at mentoring junior analysts and reviewing the quality of their work.
- Flexible and adaptable in fast-paced, high-pressure environments, including 24/7 SOC operations.
Who we are:
At Pondurance we
embrace, educate, and protect people by helping make
our world a better and safer place. We believe in
inviting good people into our company
who are driven to become great!
Every person at Pondurance is
encouraged to focus and grow in their individual areas of
interest, passion, and career path. We have
accessible leaders as
Mentors who believe “None of us are as smart as all of us” (R. Pelletier).
We believe everyone has the
freedom to be themselves, especially at work and so we embrace, support, and celebrate each other. Each one of us influences our company’s direction through speaking up,
you have a voice and we want you to use it.
Do you want to be a part of something different? Do you want to influence real change? Do you want to be part of the solution? Then join us in redefining the security and cyber risk landscape.
What We Offer:
The opportunity to apply your expertise, take on new challenges, and help customers address their biggest security objectives.
An inclusive culture of teamwork that embraces the diversity of our people and communities in which we work. Some of the corporate benefits (there are more) for full-time employees include:
- Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan.
- Time off: PTO, sick, holiday, & parental leave details are available
- Money: We provide competitive compensation packages based on the market and your overall credentials.
Although this is a remote role, if you live close by, you’ll have access to our office locations: McLean, VA or Indianapolis, IN.
To promote a healthy and safe work community we require background and drug screenings as part of our hiring process. Details of our process will be provided upon request.
We are an equal opportunity employer focused on celebrating diversity and inclusion. We believe that each individual should be treated equally without regard to race, color, identity, national origin, protected veteran status, religion, sex including sexual orientation and gender identity, disability, or any other characteristic protected by law.
