Security Operations Center Analyst

Position Overview

Huntress is seeking a motivated Security Operations Center (SOC) Analyst to join our growing team. In this role, you will be responsible for triaging, investigating, responding to, and remediating a variety of cyber intrusions. You will work alongside a dedicated team of cybersecurity professionals focused on protecting companies worldwide from cyberattacks, with ample opportunities for skill progression and career advancement. The Huntress SOC is an elite unit dedicated to combating threat actors and staying at the forefront of emerging threats.

Employment Type

Full-time

Location

Remote (East or Central Time Zone, US)

Reporting Structure

Reports to: Manager, Security Operations Center

Compensation

• Base Salary: $100,000 - $120,000
• Additional Compensation: Bonus and equity
• On-Call Pay: May be eligible for on-call/call-in pay in addition to base pay.

Work Schedule

• Training Period: Monday-Friday
• Post-Training: Subject to change based on business requirements, may include weekends or a 4x10 shift.

About Huntress

Huntress is a fully remote, global team committed to breaking down cybersecurity barriers. We develop purpose-built security solutions, actively hunt down hackers, and strive to make a significant positive impact on our community. Founded in 2015 by former NSA cyber operators, Huntress provides enterprise-grade, fully owned, and managed cybersecurity products at an affordable SaaS price point, making robust security accessible to all businesses, not just large enterprises. Our unique "One Team" advantage ensures our technology is seamlessly integrated with our industry-leading Security Operations Center (SOC). We currently protect over 3 million endpoints and 1 million identities globally, empowering under-resourced IT teams with effective cybersecurity.

Responsibilities

• Triage, investigate, and respond to alerts generated by the Huntress platform.
• Conduct tactical reviews of EDR telemetry, log sources, and forensic artifacts to identify the root cause of attacks and recommend necessary remediation steps.
• Perform tactical malware analysis as part of alert investigations.
• Investigate suspicious Microsoft M365 activity and provide remediation guidance.
• Assist the Product Support team with threat-related escalations and SOC-relevant inquiries.
• Contribute to the creation and tuning of detection engineering efforts.
• Participate in projects aimed at improving outcomes for analysts and partners.
• Engage in collaborative mentoring to foster team growth and individual skill development.

Requirements

• Experience: 2+ years of experience in a SOC or Digital Forensics (DFIR) role.
• Operating Systems: Demonstrated experience with Windows, Linux, and macOS as attack surfaces.
• Threat Actor Tools & Techniques: Demonstrated experience with:
  • MITRE ATT&CK Framework
  • PowerShell & Command Prompt Terminals
  • WMIC, Scheduled Tasks, SCM
  • Windows Domain and host Enumeration Techniques
  • Basic Lateral Movement Techniques
  • Basic Persistence Mechanisms
  • Basic Defense Evasion Techniques
  • Other offensive/Red Team TTPs
• Malware Analysis: Demonstrated experience with static and dynamic malware analysis concepts.
• Windows Administration: Working knowledge of Windows Administration or Enterprise Domain Administration, including Active Directory, Group Policy, and Domain Trusts.
• Networking: Working knowledge of core networking concepts, including common ports/protocols, NAT, Public/Private IPs, and VLANs.
• Web Technologies: Working knowledge of web technologies and concepts, such as web servers/applications and the OWASP Top 10.
• Communication: Effective communication skills.