Cybersecurity Analyst II - Crowdstrike Specialist

Performance Outcome: Cybersecurity Analysis and Management  

The Cybersecurity Analyst II works as part of the 24/7 Security Operations Center (SOC). As a mid-level analyst, they are continuing to learn and deepen their knowledge and skills in the intricacies of the cybersecurity field, but are also able to work well independently and be trusted. They leverage advanced security tooling and automation to rapidly detect and respond to real-time security alerts and events and help conduct detailed root cause investigations. When necessary, this includes involving more senior cybersecurity personnel during the triage process, and leading events and cybersecurity incidents throughout the resolution process (Incident Response Playbook).  

Individual tasks include:  

• Understand and utilize company’s SOC technologies, including but not limited to, a Security Information Event Management (SIEM) platform, Intrusion Detection System (IDS), Endpoint Detection & Response (EDR) solution, and insider threat tooling 

• Drive complex investigations and conduct deep analysis of security events, across various company security platforms, focused on rapid containment and remediation  

• Run security incident response (IR) activities, triaging through recovery/closure 

• Perform Threat Hunting activities when not involved in IR activities 

• Track industry cybersecurity attacks and vulnerabilities and work proactively to address cyber risks (think SolarWinds, Log4j, etc.). 

• Provide high quality written and verbal reports, as required 

• Engage in ongoing personal study of modern technologies and industry-related knowledge and skills 

Performance Outcome: Engagement and Collaboration 

The Cybersecurity Analyst II will work intricately with their teammates and neighboring teams’ cybersecurity engineers, systems engineers, software engineers, and others. They will also partner with business partners in other departments to identity and mitigate a wide variety of threats and malicious activity. 

Engagement responsibilities include:  

• Work closely and effectively teammates, which may include fellow analysts, cybersecurity engineers, software engineers, systems engineers, program managers, or others 

• Act as an internal specialist on matters relating to intrusion detection and incident response (IR) 

• Respond to security events and threats from alerting, escalations, and other sources  

• Collaborate with cybersecurity engineers to improve monitoring, detection, tooling, and integrations 

• Coordinate with cross-functional teams to develop and implement effective cybersecurity controls and measures 

• Actively participate in team meetings and activities  

• Share on-call/escalation responsibilities with your team 

Education, Knowledge, and Experience ​

• CrowdStrike – deep and demonstratable experience is required 

• 2-5 years of experience in cybersecurity or related role  

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or similar field, or equivalent industry experience  

• Knowledge of information security principles, concepts, and industry standards 

• Familiarity with cybersecurity frameworks  

• Familiarity with a variety of operating systems and threats that target them, including Windows, LINUX, and MacOS 

• Cloud security experience, such as AWS and Office365  

• Experience testing and securing software and/or systems  

• Experience with security incident management and response   

• Attributes:  

• High degree of confidentiality and personal integrity  

• Excellent communication and analytical skills that demonstrate the ability to distill complex challenges into actionable solutions 

• Willingness to learn new approaches and technologies 

• Ability to work well with other engineers in a collaborative environment 

• Attention to detail and quality 

• Open-minded approach to new ideas and approaches 

• Willingness to challenge others and be challenged 

#LI-Remote