Position Summary: 

We are looking for a highly technical member to join in on our vision to grow out a new and exciting Cyber Defense Operations team. This team is an extension and compliment of our Risk Management and Incident Response Services and provides clients with long term monitoring and detection solutions which allows Clients to harness our ability to quickly respond as well as our expertise to stop threats before they turn into more serious and critical incidents. 

About You: 

Your current role or experience indicates you work on a daily basis analyzing threats in your environment using EDR, SIEM, CTI Sources other similar Security tools. You know how to respond to and analyze a compromised host in your environment and you do so on a regular basis. You keep up with the latest news about the changing threat landscape and routinely craft searches with IOC’s to query log sources and endpoint behaviors to determine if there are compromised devices in your network. You are passionate about defending and have relevant recent experience showing that you do so on a regular basis. 

Responsibilities: 

General  

• Work closely with Incident Response and Cyber Risk Management teams 
• Manage Ticketing System workflows and provides automation ideas to development team to better streamline automation workflows 
• Assists with Quarterly client reports and presentations 
• Manage, mentor, and provide assistance to Junior Analysts 

Client Management  

• Onboard New Clients and assist sales team as a Subject Matter Expert regarding Tetra Defense MDR capabilities 
• Conduct Phishing awareness training and provide reporting and feedback to clients 
• Respond to client notifications and detections in a timely fashion 

Detection & Response  

• Assess, Triage and Respond to security detections from different sources 
• Identify, evaluate and remediate alerts based on static and dynamic analysis and threat intelligence data 
• Preservation and forensic analysis of artifacts on Windows, Mac and Linux Systems 
• Review and analyze OSINT and other data sets to provide new detection and alerting capabilities 
• Analysis of intelligence to identify changes in TTPs across detection types 
• Ability to critically analyze endpoint telemetry data to find threats 
• Ability to craft detection queries based on newly discovered TTPs 

Qualifications: 

Required  

• Bachelor’s degree in Related Field or 5+ Years of Experience in a Cybersecurity role with an emphasis in the following areas: Security Operations Analyst, Threat Intelligence Analyst, Incident Response, Digital Forensics, Vulnerability Management, or other related area 
• 3+ years of Reverse Engineering Malware  
• Understanding of TCP/IP protocols 
• Experience in a client facing consulting or advisory role with a willingness and the ability to provide high level customer service to clients 
• Experience providing and reviewing reporting with Clients including an understanding of how to present reporting based on the audience the report is being delivered to 
• Experience managing malware incidents/detections and the ability to provide clear and accurate remediation steps to clients 
• Experience with ticketing systems and incident tracking 
• Experience with Endpoint Detection & Response Software 
• Knowledge of ATT&CK framework 

Preferred  

• Certifications: GREM or GCFA 
• Knowledge of current attack vectors and trends in cybersecurity 
• Prior Management or leadership experience  

Perks: 

• Collaborative, hard-working, energetic team culture 
• Excellent employer paid benefits – Vision, Medical, and Dental 
• Paid parental leave, including adoption 
• 401K with company match 
• College Savings Plan 
• Company paid professional development and training   
• Unlimited PTO/time off policy 

About Tetra Defense:

Tetra Defense began with one goal in mind: To simplify what’s complicated. We launched our Incident Response & Digital Forensics (DFIR) organization in 2016 to restore businesses during and after complex challenges like ransomware attacks, business email compromise, and insider threats.

As our organization has grown, so has our service offering. We value protection from all sides, leveraging our skilled DFIR team to inform our Cyber Risk Management, Managed Detection & Response (MDR) services and Software Development Team. We provide valuable, straightforward guidance for businesses to proactively address and improve their cybersecurity posture in accordance with the latest threats, and our latest solutions.

Through our continued growth and evolution, we have been told that we do things differently — that we tackle the most difficult tasks in stride, and that we stop at nothing to do what’s best for our clients. We are diligent. We are innovative. We are Tetra.