Stratascale Security Analyst - Operations

The Security Analyst will play a vital role in ensuring our client’s incidents are investigated, triaged, or action taken to remediate the incident. Their primary responsibility will be to support the alert management and incident handling process across multiple platforms and security technologies while providing in-depth analysis of alerts for our clients. 

The Security Analyst, will ensure timely investigation, actioning, and escalation of alerts using their expertise in incident handling, MDR, and SIEM technologies. They will guide clients through threat mitigation, perform threat hunting activities, and review clients' defense strategies for process improvements. Additionally, they will contribute to policy development, stay up-to-date with cybersecurity threats and mitigation techniques, and maintain high cybersecurity standards. Adapting to evolving security landscapes is crucial to your success in this role. 

This position is remote with a Home Office setup as determined by Stratascale management.

Stratascale, an SHI company, brings together the benefits of 31 years' experience delivering the very best technologies with a fresh consultative approach to designing, delivering and supporting the technology our customers need to transform their business. We call it Digital Agility.

 To learn more about Stratascale visit our website: https://stratascale.com/ 

Includes, but not limited to: 

• Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS. 
• Provide in-depth analysis of escalated requests originating from clients or their Managed Detection & Response (MDR) services. 
• Validate suspicious events by performing investigations using SIEM and SOAR technologies, leveraging threat intelligence and OSINT, TTPs and IOCs. 
• Identify gaps in client environments, data ingestions, or configuration errors which reduce quality of security alerts. 
• Work with client and leadership to surface and resolve concerns around the security program. 
• Provide support to Security Analysts include coaching and training as necessary. 
• Leverage your knowledge of Alert Triage, SOC Operations, and Depth in Defense strategies to contribute to projects for overall client success 
• Produce high-quality written and verbal communications, recommendations, and findings to client management in a timely manner 
• Address improvement opportunities within Stratascale for automation and process improvements. 
• Provide the client with a complete understanding of the investigations and suggest corrective actions to resolve alerts. 
• Participate in the development of cross-practice training or delegate training to team members on practice discipline capability, associated offerings, industry positioning and selling strategies. 
• Provide off-hours support for Alert Management – as assigned. 

• 3-5 years of experience in alert management across multiple SIEMs such as Splunk, Log Rythm, and Sentinel.  
• 3-5 years of experience in alert tuning, threat detection, and incident response is also critical skills that will be required. 
• 3-5 years of experience with cyber security principles, concepts and practices including the ability to perform a complete and thorough incident investigation and triage with limited support. 
• 3-5 years of experience working with modern SOC solutions to include, but not limited to SIEM, EDR, Firewalls, Cloud Providers, Web Applications, etc. 

• Strong fundamental understanding of technical security solutions and how they address client risk exposure and solve key use cases. 
• Strong problem-solving capabilities with the ability to analyze complex data, identify patterns, and develop strategic solutions. 
• Demonstrate the ability to pivot to other log sources, cloud systems or consoles to perform a comprehensive analysis from multiple data sources 
• Proactive and self-motivated mindset 
• Ability to work effectively, add value as a team member for the practice discipline. 
• Excellent verbal and written communication skills, with the ability to effectively explain technical concepts to non-technical individuals and communicate with clients. 
• Proactive and self-motivated mindset 
• Ability to work effectively, add value as a team member for the practice discipline. 
• Ability to train and disseminate information within an area or operation and work effectively within all levels of an organization, both internally and externally 
• Ability to engage and discuss technical and non-technical concepts with many client audience types including C-Suite, VP/Director, Architect, Engineer and Analyst resources. 
• Poses an ability to simplify and explain complex problems to stakeholders of all levels across multiple functions. 
• Entrepreneurial mindset with ability to identify value in unstructured situations. 
• Emotional intelligence, flexible work style, and excellent diplomatic skills across all levels of the organization 
• Attention to detail, organization, and follow up skills are critical. 
• Ability to write, communicate and present subject matter to audiences of multiple levels. 
• Initiative to research and resolve problems with a positive attitude. 
• Excellent presentation skills and comfortable leading meetings and discussions 
• Ability to mentor and guide others. 

Certifications below are preferred but not required:

• Industry certifications: 
  • CIAM  
  • CISM / CISA / CRISC 
  • SANS (GSEC, GREM, GCIH) 
  • TCM (PJMR) 
• Vendor Solutions and product specific certifications or experience (or equivalent):  
  • Microsoft Sentinel or Splunk 
  • Sentinel One/Tanium 
  • MSSP/MDR security engineering experience. 

• Attend virtual customer meetings when appropriate 
• Travel to customer sites, partner sites, conferences and SHI offices up to 20% annually 
• Candidate will need to have access to an international airport  

• The estimated annual pay range for this position is $90,000 - $120,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
• Equal Employment Opportunity – M/F/Disability/Protected Veteran Status