Cyber Threat Analyst

Quadrant is now Harbor IT!

Salary range for this position is $55,000-$70,000 + a 10% differential for night shift.

This posting is for Monday-Thursday 6pm-4am EST

US Citizenship is required for this role. Quadrant is unable to support visa sponsorship at this time.

Quadrant Information Security is a “full stack” security and development company. Quadrant has a 24/7 SOC to assist our clients with their security needs (detection, monitoring, IR, etc.). We are a group of security professionals first, not auditors. Our people + product approach delivers state-of-the-art technologies with true security expertise. You must be a detail-oriented person who can work with minimum supervision. At the same time, you must be able to work with other Quadrant employees to troubleshoot issues. We admire the time and discipline professionals invest in their education and and certifications, but we love passionate and natural dedication to learning on your own, especially using your “home research lab.” If you are constantly pushing yourself to get better because of your passion and have a foundation in Networking and/or Security, we want to talk to you. Occasional travel to security conferences and paid training.

We have a fun, high-performance culture and open-door policy to our leadership and executives, and we are growing at an amazing pace. Not only do we invite creativity, but we also want innovation. So come add your expertise to an already great platform where your voice will be heard!

Location: Remote

Position: Security Operations Center (SOC) Threat Analyst

What we are looking for

• Self-starters who practice security at home
• Application, knowledge, or exposure to Linux, IDS/IPS tools, SIEM tools, basic networking, log analysis, packet inspection, vulnerability management, scripting and/or development languages, penetration tools, understanding of vulnerabilities and/or exploits, penetration testing, etc.
• Ability to work Monday-Thursday 6pm-4am ET
• Certifications or efforts toward certifications

Collaboration

• This role reports to our SOC manager
• Partner with a 24/7/365 team of SOC analysts as well as interface with teams that include but are not limited to engineering, security operations, reporting, and clients

Responsibilities

• Eyes on target monitoring and resolution of security incidents within established customer Service Level Agreements.
• Performing real-time monitoring and analysis of security events from multiple sources, including but not limited to, events from Security Information Monitoring tools, network, and host-based intrusion detection systems, firewall logs, system logs (Unix & Windows), mainframes, applications, and databases.
• Performing documentation review and improvement, serve front line response for troubleshooting low-level engineering issues as needed.
• Communicating and escalating issues and incidents as required by process and management.
• Specializing in-network and log centric analysis.
• Using IDS, IPS, and/or other signature matching technology.
• Responding to telephone calls or emails following the provided protocols, interfacing with clients as necessary for incident response.

Expectations

• Remaining current on security threats, viruses, and exploits/vulnerabilities
• Developing skills relevant to computer security by reading the provided material and attending company meetings where such issues will be discussed
• BTL1 within first 6 months of hire (Paid for by Quadrant)
• CySA+ within first 12 months (Paid for by Quadrant)
• The secret keyword is "haversine"

Tools/Technology Overview

• Linux
• CLI
• SIEM experience
• Snort/Suricata
• Wireshark
• TCPdump
• nMap
• DNS
• Understanding of traffic/data flow
• Public vs Private IP
• Subnetting
• Packet Inspection Engine
• NAT/SNAT/DNAT
• Scripting – Bash, PowerShell, Python
• Pen testing
• Windows OS
• Active Directory
• Knowledge of current threat landscape
• Basic vulnerabilities and exploits
• Networking fundamentals
• Linux CLI (intermediate-advanced)
• AWS
• Interpreting and (preferably) writing signatures/rules/alerts (Snort, Suricata, Yara, Cisco, Palo Alto, etc...)
• Understands packet Inspection and log analysis
• Familiarity with OSINT resources
• Basic scripting(bash, python, powershell, etc...) **Preferred, not required**
• Experience with threat hunting **Preferred, not required**

We will provide you

• Metrics for success
• 100% paid for benefits (for employee) with additional premium selections
• Matching 401K
• Reimbursement for approved tuition, certifications, conference attendance, and more
• Quadrant approved Holidays (if applicable)
• The ability to always put your family first
• More depending on your position

Schedule:

This posting is for a long-term night shift analyst Mon-Thur 6pm-4am ET. Please note that a day shift position will open but our SOC runs 24x7x365 and our focus right now is to hire during the night shift(s).

Training lasts up to 8 weeks; you will then move to a 4-day, 10 hour per day schedule, or if on day shift, potentially a 5x8 schedule.

Salary: $55,000-$70,000