Senior Analyst (L2) LogRhythm
Full-Time, Exempt
Location: On-site, Scottsdale, AZ
We are currently seeking an individual to join our team that is self-driven and a system troubleshooter at heart. Senior Analysts are expected to handle customer facing investigations, mentoring, and training of fellow analysts, and to participate in interaction with customers and other teams through email or phone. Your primary responsibilities will be designing and implementing best-practice-based configurations and customizations on customer systems with LogRhythm. This position is located out of our Scottsdale, AZ office.
What You Will Be Doing
- Triage alerts and determine if further investigation or action is required by the customer.
- Assist customers with the investigation and response of incidents throughout the incident response process.
- Perform investigations of customer requests and be able to provide further contextual information along with recommended actions.
- Proactively threat hunt using network and host data within customer environments.
- Mentor junior analysts.
Required Qualifications:
- MUST HAVE: at least 2 years of experience triaging, investigating, and tuning of LogRhythm SIEM.
- Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
- Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP’s (tactics, techniques, and procedures) used by threat actors
- Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, LogRhythm etc.)
- Strong understanding of incident response methodologies and reporting
- Experience using ticketing systems for tracking (JIRA, Remedy, ServiceNow, etc.)
- Candidate should be able to react quickly, decisively, and deliberately in high stress situations
- Ability to learn new technologies quickly
Preferred Qualifications
- Minimum of 3+ years of experience performing triage/incident response in enterprise environments
- Minimum of 3+ years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts
- Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP)
- Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
- A mentoring/leadership background including mentoring other analysts and orchestrating team efforts for problem solving
- Ability to manage projects to completion both individually and in a group
Benefits Include:
- Health Insurance 80% paid by employer
- Dental Insurance 80% paid by employer
- Vision Insurance 80% paid by employer
- Self- Managed vacation leave
- Paid sick leave
- Paid holiday leave
All candidates must be eligible to work in the U.S. for any employer. We are an E-Verify employer.
Lumifi welcomes and encourages diversity in our workplace. All qualified applicants will receive consideration for employment without regard to race color, religion, sex, sexual orientation, gender identity, national origin or disability.