Cybereason gives organizations the upper hand by taking an entirely new approach to cybersecurity with AI Hunting, the first AI-powered technology that answers the question “Am I under attack?” proactively, without manual effort.  We're expanding our security services and looking for curious, diligent, technical people to help us build out and run our Nocturnus team.  As member of this elite team you'll be working closely with some of the best minds in incident response, malware analysis and security research, partnering with the highly skilled defense teams of our customers, and against some of the most advanced adversaries out there.

You will experience and investigate attacks that no one else has seen before.

Cybereason is looking for curious, diligent, technical people to be a part of our Global SOC team as a Tier 2 Security Analyst. As a member of this elite team, you’ll take an integral role within a 24x7 operational SOC, providing Managed Detection and Response (MDR) services to large organizations around the globe. You’ll be working closely with some of the best minds in incident response, malware analysis, and security research, partnering with our customers and partners to defend against the most advanced adversaries.

What You'll Do:

• Performing ongoing security analysis and triage of endpoint, network, mobile, and cloud alerts.
• Participating in various stages of incident investigations and threat hunting engagements 
• Writing and delivering detailed investigation and analysis reports while maintaining technical documentation
• Engaging in customer-facing interactions at all levels from SOC analysts to c-suite executives
• Analyzing, triaging, and remediating security incidents within defined SLAs
• Working closely with internal company teams (such as Product, Customer Success, etc.)

What We Are Looking For:

• 4+ years of experience working in IT security
• 2+ years of relevant cybersecurity experience in Incident Response, endpoint security, digital forensics, and a strong knowledge working in a 24x7/follow-the-sun SOC
• Background and experience in at least one of the following is a must:
• Malware analysis, Threat Intelligence, Penetration Testing, Incident Response, Reverse Engineering, or Digital Forensics.
• Strong knowledge of modern operating systems (Windows – a must, OS X and Linux – advantage)
• Solid foundation in networking protocols and architectures
• Experience with security tools and frameworks, particularly with open-source tools (such as Sysinternals, OLE tools, Volatility, debuggers, disassemblers, etc.)
• Experience with a scripting language (Python, Bash, PowerShell, etc.)
• Self-motivated and results-oriented; capable of leading and completing assignments without supervision
• Strong organizational skills and ability to handle a wide range of tasks and re-prioritize them on short notice
• Motivation to constantly improve processes and methodologies
• Ability to dive deep into a problem
• Able both independently as well collaborate within a team in a remote work setting.
• Excellent interpersonal, verbal and written communication skills, ability to elucidate technical content to non-technical personnel 
• Good written and oral communication skills, experience working with international customers

Strong advantage to candidates with solid background in:

• Endpoint security, threat analysis, and DFIR

More about our team

We want diverse skill sets and wicked smart people so we can learn from each other and solve interesting / difficult problems. We don't just click the same buttons over and over. You will be working closely with the security engineering team, research and development team, innovation team – all passionate / smart groups dedicated to improving our product and extending the reach and expertise of our security services organization. We work both independently and collaboratively with the common goal of achieving excellence and never being satisfied with mediocrity.

More about Cybereason

Cybereason is seriously disrupting the cybersecurity industry. Our enterprise endpoint protection and response platform is considered the most powerful product of its kind, leveraging machine learning and cutting edge predictive analytics. Cybereason secures the most critical assets of some of the world’s most important brands as well as many Fortune 100 and 500 leaders around the globe.

We are rewriting the rules on how organizations protect themselves against rapidly evolving adversaries. Today’s threat environment requires understanding the adversary and attack landscape. Since our start in 2012, our technology has stopped the world’s most advanced cyber-attacks and we harbor even greater ambitions.