Cybersecurity Analyst

About S2:

S2 eliminates risks of separate red- and blue-teams by creating continuously optimized cybersecurity for the modern, constant-threat landscape. Our centralized adversary simulation, detection and response platform, Mage, uses advanced tradecraft to provide continuous red team-as-a-service. With Mage, we find weaknesses before adversaries do, so that every threat is an opportunity for improvement. Deployed as-a-service, S2 makes advanced real-time cybersecurity accessible for all organizations. With smart automation and continuous testing, we help you focus on the most imminent and most critical risks to your enterprise.

S2 is a Small Business that is focused solely on cybersecurity and specializes in Adversary Simulation, Protection and Prevention services. We were founded by cybersecurity experts trained by the National Security Agency (NSA) who were joined by senior cybersecurity entrepreneurs with proven expertise within the Federal Government. We are a growing community of cyber professionals seeking like-minded individuals who are passionate about cybersecurity, seek innovation in our everyday work, hold ourselves and those around us accountable, and have a will to win.

S2. Relentlessly secure.

Stage 2 Security (S2) is currently seeking a Security Operations Analyst as a remote position.

Join a team to play a big part in thwarting cyber attacks. Security Operations Analysts are smart, curious, and passionate about finding and investigating cyber security anomalies. This multi-faceted role involves working with leading technologies in IT and cyber security and requires a candidate to apply their experience and continued personal development. For someone with a passion for cyber security, this role encourages you to focus your time into staying up-to-date with the latest techniques, tactics, and procedures; threat actors; and campaigns while helping our clients remediate threats to their data.

Our mission is to expedite the arrival of a secure cyberspace by out-innovating our adversaries through superior services and solutions. S2 is currently focused on providing superior cybersecurity consulting services to our clients. Our private sector clients are typically large technology focused companies while our public sector clients are commonly from agencies across the federal government. We provided these clients with cybersecurity related services while cultivating a common body of knowledge among all employees at S2.

• Using security tools to perform monitoring and analysis of security events and data to detect security risks and threats on the customer’s network.
• Utilizing cyber hunt techniques to discover violations or threats.
• Using the customer's SIEM (Splunk) to correlate, track, and analyze security data.
• Staying abreast of current threats and vulnerabilities, particularly those that may directly impact the customer.
• Following processes and procedures and providing refinement suggestions for them.
• Proactively searching for security threats in the customer environment.
• Documenting all actions taken as part of incident investigations and working closely with other teams to support the incident management process.

• Degree, Coursework, or Certification in Cybersecurity related fields
• Hands-on experience with security information and event monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting.
• Experience analyzing information technology security events to discern potential security incidents from false positives. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.
• Working knowledge of operating systems (e.g. Windows, macOS, Linux, etc.) commonly deployed in enterprise networks.
• Conceptual understanding of Windows Active Directory.
• Familiarity with network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
• Strong logical/critical thinking abilities for analyzing security events (e.g. Windows event logs, network traffic, IDS events) and looking for malicious intent.
• Experience working in cloud environments (e.g. AWS, Azure, GCP)
• Ability to develop rules, filters, views, signatures, countermeasures, and operationally relevant applications and scripts to support analysis and detection efforts.

No third-party candidates will be considered

The Benefits:

S2 is a small business where people come first, and we know and care about each and every employee. This drives us to provide the best possible benefits and we believe that the benefits we offer are a notch above the rest.

The Benefits at S2 include:

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
• Group Term Life, Short-Term Disability, Long-Term Disability
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
• Participation in the Discretionary Time Off (DTO) Program
• 11 Paid Holidays Annually