Security Threat Analyst

As an Incident Response Analyst at Arete, your role involves reviewing alerts generated by SentinelOne and implementing appropriate containment and mitigation measures. You will be proficient in SIEM, with a focus on QRadar SIEM, and conduct threat monitoring and hunting within SIEM environments. Collaboration with the Forensics team to conduct threat hunting using identified Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs) is essential. Additionally, you will assist the Tiger Team in targeted collections of systems based on identified malicious activities in the client's environment. Your responsibilities also include: - Conducting historical log reviews to support threat hunting efforts - Ensuring all malicious artifacts are mitigated in the SentinelOne console - Examining client-provided documents and files to supplement the SOC investigation and mitigation strategy - Conducting perimeter scans of client infrastructure - Managing client-related tasks within the ConnectWise Manage ticketing system - Creating user accounts in SentinelOne console for the client Moreover, you will be responsible for: - Generating Threat Reports showcasing activity observed within the SentinelOne product - Executing passphrase exports as needed for client offboarding - Submitting legacy installer requests to ensure the team is properly equipped for deployment - Providing timely alert notifications to the IR team of any malicious activity impacting clients - Assisting with uninstalling/migrating SentinelOne In addition, you will: - Generate Ranger reports to provide needed visibility into client environments - Manage and organize client assets (multi-site and multi-group accounts) - Apply appropriate interoperability exclusions relating to SentinelOne and client applications - Troubleshoot SentinelOne installation/interoperability - Contribute to the overall documentation of SOC processes and procedures Participating in Handler on Duty (HOD) shifts as assigned, internally escalating support ticket/alerts, and performing other duties as assigned by management are also part of your responsibilities. Qualifications Required: - Associates degree and 6+ years of IT related experience or Bachelors Degree and 2-5 years related experience - Current or previous knowledge of, or experience with, Endpoint Detection and Response (EDR) toolsets - General knowledge of the Incident Handling Lifecycle - Ability to communicate in both technical and non-technical terms, both oral and written As an Incident Response Analyst at Arete, you will be part of a dedicated and fun team in the fast-growing cyber security industry. Arete Incident Response offers competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k), and exciting opportunities to work with cutting-edge technologies. Please note that the above description is a general overview of the job duties and requirements and is subject to change at the discretion of the Arete Incident Response Human Resources Department.,