Senior Consultant, Cloud Incident Response (Remote)
CrowdStrike
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
The ideal candidate will have 2-3 years of full-time experience in an incident response or security operations role. Strong experience with log analytics platforms like Splunk is preferred, along with proficiency in EDR, DLP/Insider Risk, and email security platforms. Experience monitoring and responding to threats in AWS, Linux, and macOS environments is also required.
This role involves performing in-depth analysis of security alerts and incidents across the enterprise and SpyCloud products. Responsibilities include creating incident response runbooks, contributing to the creation and tuning of detection rules and automated incident handling functions, and continually evaluating and enhancing incident response capabilities through process improvements and automation. The analyst will also perform threat hunting exercises and contribute to onboarding new security data sources. Occasional after-hours work may be required to support incident response efforts.
Cybersecurity for threat intelligence protection
SpyCloud specializes in cybersecurity, focusing on threat intelligence and identity protection for businesses. Its main product, the Cybercrime Analytics Platform, uses data from the dark web to help detect and prevent cyber threats like malware and ransomware. Unlike competitors, SpyCloud offers a comprehensive solution that combines threat intelligence, identity protection, and incident response in one platform. The company's goal is to enable businesses to proactively defend against cyber threats and reduce the risk of data breaches.