We are seeking a highly skilled and experienced Senior Cyber Security Analyst to join our team. The ideal candidate will have a strong background in digital forensics, incident response, malware analysis, and reverse engineering. This role requires a proactive individual who can lead technical investigations, mentor junior analysts when necessary, and contribute to the development of our security operations.
As a trusted Managed Security Services Provider (MSSP), STI Group designs, implements, supports, and manages the operations that cybersecurity teams at organizations worldwide rely on for monitoring, incident response, and security platform configuration and management.
As a Senior Cyber Security Analyst, you will join a dedicated, professional 24x365 Security Operations team responsible for monitoring, managing, operating, deploying, and continuously improving cybersecurity solutions and network components in client environments.
Senior Cyber Security Analysts work with cross-functional teams that may include IT teams, operational staff, external vendors, third parties, and business partners to address issues across our client environments. As part of the Security Operations team, you will work with limited supervision and direction while executing associated functions and responsibilities.
Everyone at STI Group is encouraged to learn and grow as professionals at a very aggressive pace. The ideal candidate has a passion for information security, excellent analytical and communication skills, a strong foundation in information security concepts, and a moderate to advanced understanding of networking and systems technologies.
Key Responsibilities:
- Lead and conduct highly technical investigations into security incidents, including malware analysis, packet-level examination, and system-level forensic analysis.
- Serve as a subject matter expert in malware analysis and reverse engineering, providing training and guidance to team members.
- Develop and maintain comprehensive incident response plans and procedures, including protocols for identification, containment, eradication, and remediation of security incidents.
- Author and optimize Standard Operating Procedures (SOPs), Killbooks, and Response Playbooks to enhance the efficiency and effectiveness of the Security Operations Center (SOC).
- Utilize EDR/XDR solutions such as CrowdStrike, Microsoft Defender, and SentinelOne to detect and respond to advanced threats.
- Conduct penetration testing and vulnerability assessments to identify and mitigate security risks.
- Lead technical projects and Proof of Concept (POC) testing for new security technologies.
- Mentor and develop junior analysts, fostering a culture of continuous learning and professional growth.
- Collaborate with management to improve team processes and procedures, driving operational efficiency and quality.
- Conduct proactive threat hunting and leverage threat intelligence to enhance detection and response capabilities.
- Produce detailed reports and communicate findings to executive stakeholders, providing recommendations for containment and eradication.
- Participate in threat detection enhancement activities such as SIEM and XDR engineering and detection rules development.
Qualifications:
- Bachelor's degree in Cybersecurity, Information Assurance, or a related field (or equivalent experience).
- 6+ years of experience in cybersecurity operations and incident response.
- Industry certifications such as CISSP, GREM, GCFA, CCSP, and others.
- Proficiency in digital forensics and incident response (DFIR), malware analysis, and reverse engineering.
- Strong knowledge of EDR/XDR solutions and SIEM tools.
- Experience with programming and scripting languages including C++, PowerShell, Python, and Bash.
- Excellent problem-solving skills and the ability to lead complex investigations autonomously.
- Strong communication skills, with the ability to produce high-quality written and verbal reports.
- Proven track record in mentoring and developing talent within a cybersecurity team.
Preferred Skills:
- Experience with automated incident response workflows.
- In-depth understanding of risk management principles and methodologies.
- Familiarity with industry standards and best practices for cybersecurity.
Benefits:
- Competitive salary and benefits package.
- Opportunities for professional development and certification.
- Flexible work environment with remote work options.
- Collaborative and supportive team culture.
Must be eligible to work in the US.