ThreatOps Analyst II

Reports To: US ThreatOps Center Manager

Location: Remote US, Ability to work West Coast hours preferred

Compensation Range: $70k to $85k base plus bonus and equity

What We Do: 

Founded in 2015 as a fully remote company by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access. 

Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business, which is why Huntress focuses on protecting those small to midsize businesses that make up the backbone of our economy.

Huntress stops hidden threats that sneak past preventive security tools by utilizing our award winning security platform and expert human threat hunters through dynamic products including Managed EDR, MDR for Microsoft 365, and Managed Security Awareness Training.

Join the hunt and help us stop hackers in their tracks!

What You’ll Do: 

Do you like puzzles or do you like to take things apart just to figure out how they work and then put them back together? Or do you look at normal everyday things and question “why” and try to improve it? Or perhaps you enjoy researching security related topics and sharing your findings/knowledge with people to help them grow? If so, then keep reading! 

The Huntress ThreatOps team has the unique honor to wake up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a ThreatOps Analyst we’re looking for someone who wants to be at the frontlines countering these constantly evolving threats. Experience with large scale data categorization and classification, host-based threat hunting, malware analysis, and incident response are additional ways to differentiate yourself.

We defend over 2 million endpoints, and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The ThreatOps team addresses this challenge head-on by using highly automated efficiencies—augmented by our Threat Analysts operating across the globe—that make intruders earn every inch of their access. 

Are you ready for the challenge?

Responsibilities:

• Analyze data for potential threats adding human perspective to our alerting and automation.
• Dig into newly identified malware or vulnerabilities to provide customers with the appropriate details to remediate and leverage the knowledge gained for future automation.
• Help customers by responding to tickets related to security incidents, occasionally aiding with containment and remediation steps.
• Continually growing your knowledge of the internal procedures and processes, the Huntress product, the threat landscape, and customer environments.
• Using analytical thinking and problem solving skills to gain greater efficiencies in the ThreatOps’ processes and procedures or other business processes that impact the ThreatOps team.
• Contribute and add to our collaboratively mentored team - we're all here to make each other better and to keep pushing each other to a higher standard!

What You Bring To The Team:  

• Equivalent self-guided study experience or Bachelor’s degree in Information Technology, Computer Science, System Administration, or Cyber Security.
• Understanding of Malware Analysis (Configuration of isolated Malware Analysis VM, Identification of File Formats, Basic Static & Dynamic analysis). 
• Familiarity and understanding of the Windows OS, and/or Mac OS as an attack surface.
• Familiarity with basic Threat Actor Tools & Techniques: (MITRE ATT&CK Framework, PowerShell & Command Prompt Terminals, WMIC, Scheduled Tasks, SCM, Windows Domain & Host Enumeration Techniques, Basic Lateral Movement Techniques, Basic Persistence Mechanisms, Basic Defense Evasion Techniques, other offensive/Red Team TTPs). 
  • MacOS equivalent of above is a plus.
• Familiarity with Windows Administration or Enterprise Domain Administration and upkeep: (Active Directory, Group Policy, PowerShell, Windows Server Update Service, and Domain Trusts).
• Network Administration Skills: (Network Protocols & Ports, OSI Layers, Network Segmentation techniques such as VLANs, Network Address Translation, Public & Private IP Addresses, Default Gateways, Subnet Masks, and IP Address assignment, DNS, Firewalls, IDS, Load Balancers, and Proxy Servers, Remote Access Methods such as VPNs, RDP, SSH, VNC, and Telnet).
  • Basic network connectivity and how networks work.
• Network Analysis: (Familiarity with Wireshark, network logging, and basic networking ports used).
• Understanding of web technologies (web servers, OWASP top 10, web services, etc.).
• The ability to explain possible complex alerts/events in a non-complex way and mentor other analysts to grow the team.

Preferred Qualifications:

• Experience with scripting languages (such as PowerShell, Python, Bash, PHP, JavaScript, or Ruby) is a plus.
• Familiarity with MSP tools such as RMMs.
• Demonstrated experience on platforms such as HackTheBox, TryHackMe, Blue Team Labs Online, etc. is a plus.
• Participation in Cyber Security competitions such as Capture the Flags, the Collegiate Cyber Defense Competition, etc. is a plus.
• Previous experience in a MSP/MSSP role would be nice but not required.

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy including vacation, sick time, and paid holidays
• 12 weeks paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans 
• 401(k) with 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees 
• One-time $500 stipend to build/upgrade home office
• Annual allowance for education and professional development assistance 
• $75 USD/month digital reimbursement
• Access to both Udemy and BetterUp platforms for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status or any other legally protected status. 

We do discriminate against hackers who try to exploit small businesses.

Accommodations:

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to [email protected]. Please note non-accommodation requests to this inbox will not receive a response. 

If you have any questions about your personal data privacy at Huntress, please visit our privacy page.