Security Operations Analyst, MDR

The Company

Every day, NuHarbor Security improves the cybersecurity of our clients. Our managed security services are always watching over them, ensuring their systems are configured correctly and alerting them when real security events occur, while our penetration testing and information assurance teams provide security insight and recommendations to improve protections and shared response activities. We're growing quickly because our clients, and the general market, are looking for more comprehensive assistance with their security strategy than product vendors or traditional service providers can offer.

The Role

The Security Operations Analyst, MDR will be responsible for reviewing alerts in Microsoft Sentinel and CrowdStrike and actively alerts investigating to closure. This role will perform incident response to proactively work with clients to mitigate known risks.

What you'll do

• Lives by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House.
• Provides and is an active participant in Incident Response process to support client needs.
• Continually researches the cyber industry to stay up to date on current threats, threat actor's tactics and techniques, and emerging vulnerabilities.
• Review analytics queries and tuning metrics to ensure assigned and working properly.
• Ensures proper documentation of activities and monitors security alerts, events, and trends on behalf of clients.
• Develops, implements, and improves documentation and operational processes.
• Independently conducts investigations and provides actionable, context relevant, escalations and recommendations to clients.
• Attends quarterly meetings and client satisfaction calls as a representative for the Analyst team.
• Is responsible for ensuring Analyst portions of quarterly reports are generated to standard and on-schedule.
• Proactively identifies and communicates internal and client risks.
• Maintains current certifications and training to support our clients effectively.
• Develops recommendations and enhancements to mature a client's cybersecurity program.
  
  

Your foundation. The requirements for this role:

• Bachelor's Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.
• Typical Degrees: Computer Science, Information Technology, Cybersecurity, Data Analytics, Mathematics, or related field(s).
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
• Demonstrated experience with SIEM solutions, SOC operations, executing security event triaging and tuning.
• Experience working in CrowdStrike and/or Microsoft Sentinel or Defender.
• Strong understanding of Incident Response phases and demonstrated experience responding to security incidents.
• Demonstrated verbal and written communication skills for various internal and external audiences.
• Must have an advanced understanding of, and ability to communicate, security technologies that can be used to mitigate cyber risks.
• Experience and fluency in participating and leading incident response and/or forensic analysis.
• Proficiency with operating systems such as Windows/Linux and related
• Deep understanding of software and systems.
• Demonstrated knowledge of security log and infrastructure design.
• Ability to explain simple hardening methods for network and process detections.
• Familiarity with common endpoint concepts.
• Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
• Ability to anticipate problems, communicate them, and resolve appropriately.
• Must be a citizen of the United States.
  
  

Additional capabilities that will differentiate you for this role:

• Bachelor's Degree and seven (7) or more years in the Information Technology field.
• Holds at least one relevant industry certification (GCFA, GCIH, CEH, CISSP, etc.)
• Demonstrated experience providing service to a broad range of users and experience levels.
• Aptitude and desire to develop and help build new capabilities in the SOC.
• Attention to detail and a methodical approach to standard operating procedures.
• Ability to manage multiple concurrent objectives or activities, and effectively make judgments.
• Understanding of common network services and attacks against them.
• Experience identifying gaps within security control architecture.
• Technical experience in cybersecurity field preferred.
• Holds Azure certifications (AZ-500, AZ-700, AZ-305) .
• Holds a CrowdClass Sales Engineering Certification.
  
  

The Rewards

What you can expect:

• The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market
• An organization that recognizes and rewards employee commitment and contribution to our customers' satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self
  
  

You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.

We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win. If this sounds like the kind of organization you'd like to be a part of, we'd like to hear from you.

AAP/EEO Statement

The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.

NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability. We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.