Lead Security Analyst - Swing
Full-Time, Exempt
Location:
Hybrid, this
position prefers the selected candidate to reside in the Phoenix, AZ areaWe are looking for a Swing Shift Lead to join the Lumifi Cyber Analyst team. The Swing Shift Lead is expected to be hands on operationally and supervise the analysts on the swing shift, but more so focused on leading projects to improve the team, identify gaps and solutions, improve the documentation and processes, and prioritizing the case workload amongst the team.The Swing Shift Lead will have several direct reports of junior and senior analysts on the swing shift and will report to the SOC Director. The position is full-time, offers a base and discretionary quarterly bonus, along with excellent benefits. The shift will be 1pm to 9pm Phoenix Time.
Primary Duties
- Aid in the development and revision of security operation center procedures, protocols, and systems
- Identify and lead projects with the focus of making technological and procedural improvements to SOC operations
- Ensure efficient and cost-effective staffing and scheduling
- Handle escalated customer facing issues and be the designated incident lead for major incidents
- Develop and execute training for all SOC functions
- Provide first-line supervision, mentoring, and leadership of team members
- Manage a staff of security analysts, hire and train new staff, conduct performance reviews, and provide leadership and coaching for team members
- Assist on an as needed basis with triaging alerts and threat hunting
- Maintain on-call hours to handle escalated events after hours and maintain the ability to provide rare emergency coverage in the SOC if needed
Requirements
- Define metrics and reporting strategies that effectively communicate successes and progress of the analyst team
- Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
- Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP’s (tactics, techniques, and procedures) used by threat actors
- Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.)
- Strong understanding of incident response methodologies and reporting
- Excellent communication skills, both written and verbal
- Able to remain calm and handle high stress situations in a fast-paced environment
- Strong analytical and problem-solving skills
- Self-motivated and able to balance multiple concurrent projects
Preferred Qualifications
- Minimum of four years of experience performing triage/incident response in enterprise environments
- Minimum of four years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts
- Prior experience mentoring/leading a small team
- Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP, CISSP, CISM)
- Strong understanding of ATT&CK Framework, common web attacks, NIST or SANS Incident Handling Procedures, knowledge of Windows and Linux operating systems, and networking principles
Shift: 1pm to 9pm, Phoenix Time
Benefits Include:
- Health Insurance 80% paid by employer
- Dental Insurance 80% paid by employer
- Vision Insurance 80% paid by employer
- Group Term Life and Long-term disability 100% paid by employer
- Sick, Vacation, and Holiday leave
- Equity Options offered for all employees!
Lumifi welcomes and encourages diversity in our workplace. All qualified applicants will receive consideration for employment without regard to race color, religion, sex, sexual orientation, gender identity, national origin, or disability.All candidates must be eligible to work in the U.S. for any employer.
