Threat Analyst 2 - German Speaking

• Investigate and analyze logs and security-related events via Sophos tooling 

• Handle escalations from Tier I Threat Analysts - guide / advise on investigation handling 

• Onboard and train new Threat Analysts 

• Create cases, track and follow up with clients through threat neutralization 

• Communicate and document findings to various customer audiences including technical and executive teams 

• Follow up with customers through to issue resolution and drive continuous improvement by providing detailed recommendations to minimize risk in customer environments  

• Acknowledge and satisfy inbound customer requests and interact with customers through various mediums (Email, Phone, Ticket) 

• Collaborate and assist with core security and threat response teams 

• Actively research emerging Indicators of Compromise/Attack, exploits and vulnerabilities  

• Conduct threat hunting to identify potential threats throughout the MDR customer base 

• Participate in Security Operations process improvement and creation 

• Obtain metrics for reporting on threat trends, intelligence analysis and situational awareness

Essential

• Professional working proficiency in both German and English are required 

• Willingness to work outside of standard business days including weekends and holidays – our MDR service is 24x7x365 (Hours are standard business hours) 

• 2+ years of experience working in a SOC environment or computer security team in an IT environment 

• Endpoint and network security experience required; IDS, IPS, EDR, ATP, Malware defenses and monitoring experience 

• Experience with threat hunting 

• Experience administering and supporting Windows OS (workstations and server) and one of the following: Apple or Linux-based operating systems (RedHat, Debian, Ubuntu, OS X) 

• Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc. 

• Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc. 

• Strong understanding of Windows event log analysis 

• Working knowledge of incident response procedures 

• Passion for all things related to information technology and cybersecurity 

• Natural curiosity and ability to learn new skills quickly 

• Excellent troubleshooting and analytical skills, with proven ability to think outside the box 

• Customer service-oriented with strong written and verbal communication skills 

• Must thrive within a team environment as well as on an individual basis 

• Innovative mindset and driven to contribute to a team providing a best-in-class cybersecurity service 

• Bachelors in Information Technology, Computer Science or a related field; or relevant commensurate work experience 

Desirable 

• Knowledge of MITRE ATT&CK framework 

• Experience with SQL query construction  

• Experience with OSQuery Programming and scripting skills - proficient knowledge of PowerShell 

• Experience with enterprise information security data management - SIEM 

• Advanced Cyber Security certifications