Security Analyst

Position Overview

Serving in the role of Security Analyst, you will join Vectra's MXDR team and use your knowledge of attack and penetration techniques to analyze and interpret real and persistent threats, piece together indicators of an attack to enumerate the kill-chain, and explain the observed threats in a meaningful and actionable way to both prospects and customers. This is a customer-facing role.

You will be responsible for post sales customer engagement, planning, optimization, and follow-on services and support of the Vectra Platform along with EDR and 3rd party integrations at customer sites. The successful candidate will have sound technical experience and skills, blended with strong interpersonal, communication, and project management skills.

You will resolve complex cyber security challenges and help customers learn how to distinguish benign from malicious network behavior. Leveraging cloud data and advanced machine learning models, you will apply your experience in defending vulnerabilities in real-world networks to anticipate customer challenges and help progress the core technologies of the company – with a focus on empowering customers to get ahead of the threat.

This is a highly technical role and deep knowledge of Linux and networking is required, as well as a strong background in security. Resolving customer issues routinely includes working in complex product and infrastructure configurations, problem troubleshooting and isolation, performance tuning and optimization.

When not working with customers and analyzing the threats present within their networks, as an Analyst you are expected to research new security topics, engage in bug-hunts, and contribute to the community in a way that helps grow both your personal and company brands. As the voice of the customer, you will be an integral part of our success.

This role supports work-from-home arrangements, with periodic onsite visits to Vectra's or Customers' office as necessary. Although preference is given to candidates based in Ireland, we remain open to qualified applicants from across Europe to ensure the best fit for the position.

Your role at a glance

• Analyze threats, piece-together exploitation trails, and study lateral movements of attackers within customer networks.
• Expertly explain to customers your conclusions and recommendations for mitigating or remediating an in-progress attack.
• Identify blind spots in customer network security architecture and provide expert guidance on remediation.
• Provide training and guidance to customers in proper usage of the Vectra platform.
• Engage with enterprise customers as a Vectra product expert to support implementation of the Vectra solution at their sites.
• Be a strong voice for your customers across business to identify new detection models, identify new product features, build content for both internal and external customer knowledge bases.
• Pursue security research topics that contribute to the knowledge and enumeration of new threats.
• Travel expected 5-10%

To be successful in your new role, you have

• Previous experience in a SOC or IR team.
• Solid experience working in a technical customer-facing role.
• Demonstrated experience in working with broad cross-functional teams.
• Exceptional ability of presenting and explaining technology to people with less technical knowledge.
• Excellent organizational, analytical, and writing skills.
• Ability to work independently and adapt quickly.

The technical essentials

• Good understanding of security product lines (firewalls, sandboxing, SIEM, forensics-type platforms).
• Experience with EDR tools including Crowdstrike, Microsoft Defender for Endpoint (MDE) & SentinelOne.
• Knowledge regarding Cloud platforms, including Microsoft Azure, Amazon Web Services, Google Cloud.
• Understanding of network protocols and proficiency with packet capture tools, PCAPs, and their analysis.
• Good understanding of SQL query language.

Experience that impresses us as a plus

• Experience with Active Directory, LDAP, VPN, firewalls, policy management, and LAN/WAN/Internet services administration
• Experience configuring and deploying in Cloud (AWS/Azure) architecture environments
• Scripting skills (preferably Python or Powershell) highly desired. Open source development a plus.
• Experience working with LLMs, prompt design & iteration