Detective and intelligence analyst job description

Role Summary/Purpose:
A Threat Detection Analyst participates in coverage for alert monitoring and incident detection and also supports preliminary incident response where appropriate. The L1 Analyst is responsible for the initial triage of security alerts and indicators generated by the incident monitoring systems (e.g. Splunk ES). This will require personnel to look at the highest number of alerts, while performing the lowest level of analysis. Analysts continuously monitor the alert queue for new alerts and are direct consumers of the JSOC configured security suite. The role determines if an alert is deemed an incident and will be required to query referential information such as events to add context to the alert.
Essential Responsibilities:
Monitors alerting tools and also handles escalated incidents from Helpdesk, Physical Security, Network Team and Customers.Triages alerts as they come in and action appropriately.Respond to common alerts in a consistent and repeatable manner from multiple alerting sources.Responsible for triage of a variety of alerts stemming from C2 beaconing, malware, or phishing attempts.Provide escalations of unknown threats to Level 2.Identify abnormal security events and trigger the call list / distribution list.

Qualifications/Requirements:
Minimum Graduation degree with minimum 1 year of experience in SOC operations in lieu of degree, minimum 3 years of experience in SOC operations Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.Possess personal and professional integrity. Individuals will be required to submit to a background examination.Good oral and written communication skills.Possess desire to solve problems logically.For Internal Applicants: Understand the criteria or mandatory skills required for the role, before applying.Inform your Manager or HRM before applying for any role on Workday.Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, PIP) Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.Level 5, 6 & 7 employees are eligible to apply
Desired Characteristics:
Ability to perform logical problem solving.Possess basic understanding of enterprise grade technologies including operating systems, databases and web applications.Ability to read and understand basic system data including security event logs, system logs, application logs, and network traffic.Demonstrate understanding for basic internet traffic concepts (e.g. DNS, HTTPS, HTTP).Network infrastructure knowledge (e.g. router, switch, firewall).Security best practices for operating systems such as Microsoft Windows or Redhat.Experience of working in high performing teams and understand the dynamics of teamwork in a SOC environment.

Grade/Level: 08

Job Family Group:
Information Technology

SeatGeek believes live events are powerful experiences that unite humans. With our technological savvy and fan-first attitude we're simplifying and modernizing the ticketing industry.

By catering to both consumers and enterprises, we're powering a new, open entertainment ecosystem where fans have effortless access to experiences, and teams, venues, and shows have seamless access to their audiences. Because everyone should expect more from ticketing.

As a threat detection analyst you will be the detective responsible for the analysis, documentation and resolution of cyber security notable events and incidents. You will work alongside engineers, developers and various other internal teams to close the case while also working on fun and exciting projects around network defense and user training.
What you'll do

* Primary responder to notable events, critical incidents, threats, vulnerabilities and bring these issues to resolution
* Primary communicator/coordinator with internal and 3rd party teams for notable events and incidents
* Perform case management duties
* Primary coordinator for annual table-top exercises.
* Primary coordinator for lessons learned related to cyber security incidents
* Primary coordinator for threat hunt activities and outcomes
* Thought leader around new security alert content creation and logic updates
* Design, document, and implement internal threat detection and incident response processes, procedures, guidelines, and solutions

What you have

* Bachelor's degree or equivalent IT/Security industry experience
* 3+ years security analysis experience
* 2+ years of IT or networking experience
* Industry recognized professional certification such as (but not limited to):
* GCIH, GMON
* Security+, CySA+
* Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis.
* Intermediate Linux/Unix, Windows and MacOS knowledge
* Working knowledge of industry leading EDR tools (Carbon Black, CrowdStrike)
* Working knowledge of industry leading log analysis tools (Elastic, Splunk)
* Knowledge of the cyber threat landscape, including actors, TTPs, targets, etc.
* Knowledge of system security vulnerabilities and remediation techniques.
* Cloud security fundamentals
* Excellent verbal and written communication skills
* Good independent problem-solving experience.
* Ability to manage parallel tasks and accurately document resolutions.
* IT systems troubleshooting experience.
* Excellent customer service skills

Perks

* Equity stake
* Flexible work environment, allowing you to work as many days a week in the office as you'd like or 100% remotely
* A WFH stipend to support your home office setup
* Flexible PTO
* Up to 16 weeks of paid family leave
* 401(k) matching program
* Health, vision, dental, and life insurance
* Annual subscriptions to Headspace, Ginger.io, and One Medical
* $120 a month to spend on tickets to live events
* Annual subscription to Spotify, Apple Music, or Amazon music

SeatGeek is committed to providing equal employment opportunities to all employees and applicants for employment regardless of race, color, religion, creed, age, national origin or ancestry, ethnicity, sex, sexual orientation, gender identity or expression, disability, military or veteran status, or any other category protected by federal, state, or local law. As an equal opportunities employer, we recognize that diversity is a positive attribute and we welcome the differences and benefits that a diverse culture brings. Come join us!

#LI-Remote