Principal Security Operations Center Analyst - West Coast

View full description

Requirements:

• Located within the US Pacific Time Zone.
• 6+ years experience in a SOC, Incident Response, or Forensics role.
• Ability to explain complex alerts/events in a non-complex way, both written and verbal.
• Proven mentoring experience and skills to junior team members.
• Understanding of Malware Analysis techniques.
• Demonstrated experience with Windows and/or MacOS as an attack surface.
• Strong understanding of Threat Actor Tools and techniques including MITRE ATT&CK Framework.
• Strong experience with Windows Administration or Enterprise Domain Administration.
• Strong experience with M365/Cloud attack techniques.
• Demonstrated equivalent self-guided study experience or Bachelor’s degree in relevant fields.

Responsibilities:

• Function as the lead liaison between the SOC and other Product and Research teams.
• Build automation to help reduce the workload on the SOC through report template creation.
• Own and complete investigative objectives associated with multi-host intrusions without assistance.
• Triage, investigate, and respond to alerts coming in from the Huntress platform.
• Perform tactical forensic timelining and analysis to determine the root cause of attacks and provide necessary remediations.
• Perform advanced malware analysis as part of investigating systems and identities.
• Investigate suspicious Microsoft M365 activity and provide remediations.
• Assist in escalations from the product support team for threat-related and SOC-relevant questions.
• Engage with customers via video/phone to explain or describe activity observed by the SOC when needed.
• Contribute to detection efforts and help create or request new detections.
• Provide technical mentorship to junior team members.
• Contribute regularly to external facing Huntress content such as blogs, webinars, and presentations.