Job
Description
Why itâs worth it: At ReliaQuest, we do things differently. We do not limit your professional growth with outdated job titles and responsibilities. Why be just a âSecurity Analyst,â âDetection Developer,â or âSecurity Engineerâ when you can be all three? As a GreyMatter Specialist, you will do all of that and more. This role is uniquely designed to combine skills of threat detection, engineering, and incident response. On our team, we give you the opportunity to make an impact starting from day one. In this role, youâll develop a diverse skill set which normally takes years to learnâall within your first year. Our industry-leading security operations platform, GreyMatter and immersive training will afford you the tools, experience, and opportunities to grow your career. Whether youâre conducting advanced investigations, troubleshooting technical challenges or providing customer recommendations, youâll be solving real-world challenges and driving impact daily for our enterprise customers. As part of the ReliaQuest team, you will receive mentorship and hands-on experiences while working alongside world-class teammates who share a high-performance mindset. In this environment, your expertise will propel you years ahead of your peers limited to traditional SOC roles. If you are looking for the monotony of manually working security alerts, this job is not for you; but if you are ready to be challenged, we are ready to invest in you. The everyday hustle: Be a trusted technical advisor, resolving customer challenges from start to finish. Provide analysis and recommendations to customers based on alert activity, response playbook availability, and investigations. Triage and fine-tune security alerts, Digital Risk Protection (DRP) alerts, and engineering health alerts to ensure optimal performance. Integrate and configure log sources for existing customers. Troubleshoot and resolve issues related to data parsing and ingestion to ensure smooth operations and data accuracy. Independently integrate and configure log sources, handling both administrative tasks and ad hoc requests to complete work efficiently. Deploy and fine-tune detection rules using GreyMatter Detect. Employ the Cyber Analysis Methodology to conduct investigations. Conduct advanced investigations, including Tier 3 incidents, ad-hoc threat hunts, and customer-requested analyses. Communicate effectively with customers regarding engineering and Incident Response (IR) escalations. Spend 75% of your day in front of the customer Do you have what it takes? Bachelor's degree in a related field Understanding of cybersecurity and IT disciplines including networking, operating systems, authentication protocols, general enterprise network, architecture, and security incident response. Knowledge of TCP/IP Protocols, network analysis, and network/security applications Basic knowledge of Linux/Unix operating systems Ability to blend your technical and communication skills to advise the customer Must demonstrate great attitude, energy, and effort Must be adaptable, focused, accountable, and helpful Must demonstrate excellent verbal and written communication skills (English language) What makes you uncommon? (not required) Certifications such as Network+, Security+, CySA+ 1-3 years' experience as a Security/Network Administrator or equivalent knowledge Prior SIEM experience and/or administration Hands-on experience with parsing data, log formats, regular expressions Scripting experience (bash, PowerShell, python) Multiple OS experience (mac, windows) Knowledge of various security methodologies and processes, and technical security solutions (SIEM, IDS/IPS, Firewall Solutions, Offensive Security tools) Show more Show less
