By joining Crowe’s Digital Security team, you will be helping make the world a more honest, safe and secure place. As a member of our collaborative team, you will be working alongside experts in the security field to protect our clients from threats and vulnerabilities and assist them with their complex security needs. We will enable an entrepreneurial and innovative environment for you to deliver transformative security consulting services and to develop deeply specialized skill sets demanded in today’s market.
The Managed Detection and Response (MDR) Senior Analyst will be responsible for planning and executing cybersecurity projects. This position will perform work within a project team, as well as oversee the technical work of some junior level personnel.
The MDR Senior Analyst will perform the following responsibilities:
- Support the Crowe Security Intelligence Center.
- Act as a tier two/three on security alerts and incidents.
- Direct and create detection logic.
- Support the management of the Crowe MDR use case library.
- Triage and analyze security events.
- Cover a mix of 2nd shift, 3rd shift and weekends.
- Prepare reports or other necessary documentation to detail results of continuous monitoring.
- Submit recommendations to the client for corrective action or to support a recommended approach to solving the client’s needs.
- Participate in planning and implementing client information systems, including structure, process, and security.
- Participate in strategic and tactical objectives, including new product offerings, identifying additional client needs, and generating new business leads.
- Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively.
- Evaluate and/or implement cybersecurity solutions and controls to ensure data security and integrity for our clients.
- Generate ideas for new cybersecurity solutions aligned with our clients’ evolving needs.
- Bachelor's degree required, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline.
- Minimum 3-5 years of business experience in the areas of Information Security.
- Security Operations Center experience is strongly preferred.
- Certified Information Systems Security Professional (CISSP) or OSCP certification, or willingness to obtain.
- Experience within consulting or professional services, or at leading industry public companies is preferred.
- Prior experience supervising junior level resources in the areas of Information Security.
- Knowledge of Security Operations.
- System and network administration experience on UNIX, Linux, and Microsoft Windows.
- Knowledge of security areas such as Auditing, Policy, Database Security, Firewall Design and Implementation, Risk Analysis, Identity Management, Access Management, or Web Services is very desirable.
- Strong writing and interpersonal communication skills.
- The ability to handle multiple projects concurrently.
Technology Skills preferred:
- Network Security Practices: Auditing, planning, design, implementation, testing, and management
- Cloud environment (AWS, Azure etc.) secure configuration
- Microsoft Windows, Red Hat Linux, IBM AIX, and other UNIX/Linux variants
- Microsoft Active Directory and Group Policy
- Network architecture and protocols: TCP, UDP, IP, HTTP(S), DNS, NetBIOS, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others
- Elastic Stack configuration
- SIEM such as ArcSight, Splunk ES, Exabeam, QRadar, FortiSIEM, etc.
- SOAR such as Siemplify, Swimlane, Demisto, etc.
- Automation in Python or a similar language
- Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others
- Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions
- Cryptographic tools, suites, and algorithms