Lead Security Analyst (Remote)

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.

Deepwatch recognition includes:

• Forbes America’s Best Startup Employers 2022
• Great Place to Work® Certified 2022
• Cybersecurity Excellence Award for MDR 2022
• Forrester: Top 10 MDR
• Goldman Sachs portfolio company: $53m Series B investment 2020

Position Summary

The Lead Security Analyst is responsible for analysis quality and accuracy service deliverables. They serve as a mentor to Security Analysts within their assigned Deepwatch delivery squad and assists with training and development of analyst skill set. They may serve as a technical subject matter expert for employees and customers. The Lead Security Analyst is responsible for ensuring that shifts are covered through collecting and vetting Analyst requests for PTO and working with the Squad Manager to frame shift schedules appropriately. They work a flexible schedule with core hours dictated by customer meetings and as approved by the Squad Manager or Squad Director. This position is virtual / remote working from a home office unless at a customer site. This role may be required to assist in alert coverage and triage when alert volume exceeds normal thresholds or if otherwise required.

Position Responsibilities

• Maintains and updates standard procedures for the analyst team
• Conduct reviews of analysis (in conjunction with Lead Security Analysts from other squads)
• Co-develop and maintain analyst shift schedules for the squad with the Squad Manager, ensure shift coverage; including covering a shift as required or when alert volume exceeds normal thresholds
• Serve as an escalation point for analysts in squad, including customer incident response events
• Interfaces with customers or internal teams when the Squad Manager/Director may be unavailable
• Assist Squad Manager/Director with tracking of initiatives, including planning and task delegation
• Serve as a mentor and assist the Squad Manager/Director with training and development of analyst skill set
• Attend customer and internal meetings and represent analyst perspective
• Assist with maintenance of internal customer documentation
• Provide input or assistance to Customer Success Managers and Squad Manager/Director in the creation of executive briefings
• Assist Squad Manager/Director with coordinating and ensuring appropriate resolution of customer requests assigned to Security Analysts; ensure expectations and outcomes are clearly communicated to customers
• Provide guidance on best practices regarding alert closure notes and ticket creation
• Ensure timely updates and responses to tickets, customers and internal stakeholders
• Contribute to the creation and/or maintenance of investigation reports

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required Knowledge, Skills and Abilities

• Strong verbal and written communications skills; ability to effectively communicate to both technical and non-technical audiences
• Bachelor’s Degree and 3+ years in Cybersecurity Operations or related/equal experience, with preference for MSSP
• Incident handling and response
• SIEM experience or related/equal experience
• SOAR, Ticketing Systems and Threat Intelligence platforms
• Operating Systems and Networks
• Experience with the following concepts:
  • Full packet capture analysis
  • Malware analysis (Static/Dynamic)
  • Host forensics (Windows)
  • Email Analysis
  • Virtualization
• Experience using administrative tools, including but not limited to Microsoft Products
• 1 year of experience in a mentorship role
• Ability to position and discuss security issues with customer technical and leadership audiences to reach positive outcomes
• Industry recognized cybersecurity certifications:
  • SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+, or Sec+
• Scripting experience

Preferred Experience, Skills and Knowledge

• Degree in Information Security or Information Technology
• 1 year of experience in a leadership or supervisory role
• Scripting Experience
• Industry recognized cybersecurity certifications:
  • SANS, EC-Council, CompTIA, GCIA, GCIH, CEH, CySA, Net+/Sec+

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.
• A lawful permanent resident of the United States
• A person admitted to the United States as a refugee
• A person that has been granted asylum by the United States government

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

Colorado* Candidates:

For applicants in Colorado, the salary range for this role is $96,000 to $120,000 + bonus + commissions + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

• Note: Disclosure as required by sb19-085 (8-5-20).

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:

• Medical, dental, vision, and disability insurance
• Paid time off, holidays, and family leave
• 401(K) retirement program with employer match
• Unique professional development benefits, starting at $3,000 annually
• Learn more here: https://www.deepwatch.com/careers/#benefits

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.

Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.

All Deepwatch employees are expected to:

• Be interested in and able to work remotely from a home office when not at a corporate office
• Pass a pre-employment background and drug screen in accordance with applicable laws

Equal Opportunity Employer

Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch’s use of your personal information.

#LI-KH1