United States onlyDescription
Binary Defense is seeking a client-facing SOC Analyst to serve as a hands-on contributor within a client’s Security Operations function.
This is a technical position responsible for transforming the client’s detection strategy, organizing detections, tuning rules, and creating and maintaining cross functional feedback loops. Additionally, leading analysis, design, and hands-on analysis and remediation for Attack Surface Reduction functions such as vulnerability management and penetration test remediation.
You’ll play a key role in growing capabilities with leading tools in the client’s environment such as Splunk, Proofpoint, SentinelOne, and more. This role requires deep technical expertise, strong cross-functional communication, and the ability to deliver operational results.
Responsibilities
- Create internal alert strategy and process documentation for how client identifies alerting opportunities, prioritizes based on threat level, with a focus and priority on gaps
- Review alerts that are too noisy to tune and drive down alert fatigue
- Assess alerts that haven’t triggered to determine whether logic needs to
- Be the main point of contact to the MDR Provider’s Detection team
- Work with the client’s Incident Responders on alert feedback loops; analyze true and false positive alerts
- Create regular reporting cadence for of all detections created, rules tuned
- Contribute to client’s homegrown “Signal to Noise ratio” detection metric
- Coordinate with MDR Threat Hunting team to request and implement Sentinel One STAR rules
- Map detections to standard frameworks such as the Cyber Killchain
- Work with MDR provider on an ongoing tuning of the on-call criteria
- Perform attack surface reduction including full-scope change management, cross functional coordination, enterprise communication planning/execution, execution of changes in support of security remediation
- Provide vulnerability prioritization and analysis, ticketing, reporting, trending, metrics, assistance to patch teams on troubleshooting root cause of patching challenges
- Analyze stale identities and accounts, admin privileges, and recommend and implement improvements
Requirements
- 5+ Years Security Operations or Equivalent Experience
- Experience with Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) tools
- Experience mapping detections to common frameworks and risk reduction models
- Familiarity with the latest trends in attacker TTPs
About Binary Defense
Binary Defense is a trusted leader in security operations, supporting companies of all sizes to proactively monitor, detect and respond to cyberattacks. The company offers a personalized Open XDR approach to Managed Detection and Response, advanced Threat Hunting, Digital Risk Protection, Phishing Response, and Incident Response services, helping customers mature their security program efficiently and effectively based on their unique risks and business needs.
With a world-class 24/7 SOC, deep domain expertise in cyber, and sophisticated technology, hundreds of companies across every industry have entrusted Binary Defense to protect their business. Binary Defense gives companies actionable insights within minutes not hours, the confidence in their program to be resilient to ever-changing threats, and the time back that matters most to their business.
Binary Defense is also the Trusted Cybersecurity Partner of the Cleveland Browns and partners with PGA TOUR players. For more information, visit ourwebsite, check out ourblog, or follow us onLinkedIn.
Binary Defense offers competitive medical, dental and vision coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your skill set (to name a few!). If you’re interested in joining a growing team with great perks, we encourage you to apply!
