The Sr. Analyst provides second-level Cybersecurity Incident Response, client support and upholds defined service level agreements (SLA) and customer service excellence for Information Security and Endpoint Security. Security Sr. Analyst will specialize in Managed Detection and Response service on Microsoft technology stack, primarily Microsoft Sentinel and Defender.
What you will do:
24x7 Support
- Monitor, triage, investigate, remediate and resolve cyber incidents. Escalates unresolved issues to senior team members and/or manager(s)
- Act as an escalation point for SOC first-level analysts, perform root cause analysis.
- Provide technical knowledge transfer to clients and internal department on low complexity problems
- Identifies, records, and escalate service performance trends, anomalies, and SLA breaches to senior leadership
- Apply Trusted Advisor techniques to build up client trust and influence loyalty
- Perform Quality Assurance ticket reviews to identify gaps.
Service Delivery Improvement
- Collaborate with L3 Consultants to improve analytics and reduce false positives.
- Identify potential improvements in SOC processes and procedures, work with management and consultants to implement those.
- Provide mentorship and guidance to less senior resources as a trusted advisor in the application of CDW methodologies and the use of tools and templates to troubleshoot client requests
Professional Development 20% job weight
- Participate in various SOC projects like new use case / analytics development, new SOP creation, new service offering testing, new customer activation, etc.
- Attends training sessions or shadowing activities, and obtains industry related certifications as determined by Manager
- Participate notably in assigned self-paced training
What we expect of you:
- Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a Technology related field and 1 years of security experience in a client-focused environment, and/or working in a security operations center, OR
- 6 years total of Information Technology experience to include 1 year of security experience in a client-focused environment, and/or working in a security operations center
- At least two intermediate-level certifications in Managed Security Services disciplines, including but not limited to:
- Microsoft SC-200, SC-100, CrowdStrike Falcon: CFIR, Cortex XDR PCDRA, IBM QRadar Security: Certified Analyst, Exabeam Security Analyst: Associate, Advanced, E|CIH, E|CSS, C|EH, GIAC - GSEC, GISF, GEIR, GCIH, or similar technology certifications
- Knowledge and experience with Microsoft Azure are an asset.
- The position is part of a 7-day per week, 24-hour per day managed services operations. To provide the required coverage, must be willing to work weekends, holidays, and overtime.
- Provide direct client support, managing tickets and handling calls.
- Contribute to team objectives and maintain high customer satisfaction.
- Actively engage in coaching and continuous learning to enhance technical skills.
- Apply critical thinking and problem-solving abilities to address challenges.
- Experience in client-based support
- Clear understanding of Managed Security Services offerings and business proposition
