Threat Responder

Company	Deepwatch
Location	Washington, DC, USA, San Francisco, CA, USA, Austin, TX, USA, Tampa, FL, USA, Denver, CO, USA
Salary	$106000 – $124000
Type	Full-Time
Degrees
Experience Level	Mid Level, Senior

Have proven experience in Cybersecurity Operations
Be experienced with Incident Handling and Response
Possess experience in Endpoint Detection and Response Tools such as SentinelOne and Crowdstrike
Demonstrate experience communicating with and presenting to customers
Possess experience with Operating Systems and Networks
Possess experience in leveraging common IR frameworks (e.g. PICERL, NIST)
Possess experience in SOAR, Ticketing Systems and Threat Intelligence platforms
Possess experience in Velociraptor and Splunk
Have an understanding of attacker methodology including the tactics, techniques, and procedures
Demonstrate Subject Matter Expertise (SME) in at least one of the following areas: Digital Forensics & Incident Response (DFIR), Malware Analysis, Reverse Engineering, Threat Intelligence, Network Traffic Analysis, Threat Hunting, Penetration Testing

Provide Incident Response support and perform investigations in customer environments
Validate suspicious events and incidents by using open-source and proprietary intelligence sources
Report, document, and manage incidents in a case management system
Document new tools and techniques and disseminate them to the rest of the team
Keep up-to-date with information security news, techniques, and trends
Escalate any gaps in log collection or reporting as soon as possible, if identified
Provide subject matter expertise while working with internal teams to produce content regarding new threats, techniques, and information for internal and external consumption (hunts, dashboards, alerts, reports, SOAR workbooks, use cases, blogs, etc.)
On an ad-hoc basis, respond to customers to resolve issues, provide additional information, and answer questions related to incidents and hunt efforts

No preferred qualifications provided.