Zyston is an information security solutions company providing businesses with the comprehensive range of end-to-end services required to build and operate mature, cost-effective information security programs. Zyston’s flagship product, CyberCast, provides the full-service capabilities required to manage complete oversight of an organization’s information security program. This allows companies to develop and operationalize custom-tailored programs built specifically to address their organization’s needs and challenges depending on where they are in the development of their security program.
Within CyberCast is our Security Operations Center, which provides various defensive security services, and is designed to significantly improve our clients’ situational awareness and security posture. The Cybersecurity Architect will be a core technical contributor responsible for the identification, design, implementation and documentation of cybersecurity architecture solutions focused on automation, integration and delivery efficiencies.
The Senior Cyber Security Analyst will be the Subject Matter Expert (SME) on investigation theory and procedures, providing guidance to the Security Analyst team. The ideal candidate will be well versed in security content development and security event analysis through industry best practice toolsets, have a deep knowledge of current and emerging threats, and be able to develop the risk mitigation strategies required to protect the confidentiality, integrity, and availability of information systems and data.
This role involves triaging, investigating, and assisting in the remediation of security incidents while providing strategic recommendations to enhance client security postures. You'll work with a diverse array of security tools, including SIEM, EDR, IDS/IPS, and more, to detect, analyze, and mitigate threats. Additionally, you will mentor junior analysts, contribute to process improvements, and lead key incident response efforts.
NOTES:
- This person will work 3rd shift and can choose between five 8-hour shifts or four 10-hour shifts, starting at 9pm.
- The successful candidate will have experience working at a Managed Service Provider.
- The successful candidate will have strong EDR skills
Key Responsibilities:
- Monitor, analyze, and investigate security alerts in client environments.
- Provide remediation recommendations for security events and incidents.
- Mentor and guide junior analysts, assisting in training and development.
- Collect, analyze, and deliver actionable threat intelligence to improve detection capabilities.
- Contribute to the creation and enhancement of standard operating procedures and security policies.
- Lead incident investigations during client incident response scenarios, ensuring thorough and effective analysis.
- Collaborate closely with Delivery Managers to prepare client reports, presentations, and attend key meetings.
- Design and implement short- and long-term projects that align with SOC goals and objectives.
- Participate in on-call rotation as a point of escalation for after-hours incidents.
Required Skills:
- Extensive experience as a Tier II/III analyst with a focus on host and network analytics, incident investigations, and EDR.
- Expertise in using SIEM, EDR, vulnerability management, and network traffic analysis tools for comprehensive event investigation.
- Strong understanding of log ingestion processes required to support security use cases.
- Advanced knowledge of networking concepts, including IPv4, TCP/IP, and common protocols.
- Familiarity with cloud security (AWS, Azure, GCP) and regulatory frameworks (PCI, HIPAA, SOC).
- Proven ability to create and analyze security metrics (e.g., MTTD, MTTR).
Qualifications:
- 6+ years of technical experience in Information Security or Network Engineering, with a minimum of 4+ years in a Security Operations Center.
- Strong communication skills, with the ability to convey complex technical details clearly to clients and internal stakeholders.
- Demonstrated ability to work under pressure while maintaining a professional and composed demeanor.
- Proven track record of identifying process improvements and driving change within a SOC environment.
- Availability to participate in an on-call rotation for off-hours support.