Confiz is seeking a Security Analyst to join one of our largest clients on our Cybersecurity Operations team. In this role, you will monitor and triage security alerts, analyze logs from SIEM, EDR, and firewall tools, document and escalate security incidents, and support endpoint and network monitoring in a fast-paced SOC environment. This is an excellent opportunity for an early-career cybersecurity professional with foundational security knowledge, familiarity with industry tools, and a passion for threat detection and incident response.
This is a remote U.S. based position, candidates must be available to work Pacific Time Zone business hours.
This is a 12-hour shift model (6:30 AM - 6:30 PM Pacific Time)
- Schedule 1: MON-WED and every 3rd Sunday
- Scheduled 2: WED-FRI and every 3rd Saturday
Responsibilities
- You will be the first point of contact for triaging security alerts and will engage more senior analysts and management as required
- Correlate data from SIEM, EDR, and firewall logs
- Perform basic log analysis and escalate suspicious activity
- Follow standard operating procedures and escalate issues or improvement opportunities as needed
- Map basic security incidents to MITRE ATT&CK tactics during documentation
- Identifies and escalates issues related to data privacy
- Document incidents in ticketing systems
- Support endpoint and network monitoring activities
- Participate in shift handovers and daily SOC briefings
- Security Monitoring: Understands basic alert types and can triage low-level events
- Security Operations: Follows established SOC procedures and documents findings
- Incident Escalation: Recognizes when to escalate alerts to senior analysts
Qualifications
- 1+ years of experience in IT or security operations (internships or bootcamps acceptable)
- Basic understanding of networking protocols and operating systems
- Basic understanding of incident response phases
- Awareness of common indicators of compromise (IOCs)
- Familiarity with ticketing systems and escalation procedures
- Networking Basics: TCP/IP, DNS, DHCP, HTTP/S, ICMP
- Security Concepts: CIA triad, types of malware, phishing, brute force, DDoS
- Operating Systems: Basic Windows (Event Viewer, Task Manager), Linux (top, ps, netstat)
- Security Tools:
- SIEM: Splunk (basic search), IBM QRadar (offense monitoring)
- AV/EDR: Windows Defender, Crowdstrike
- Ticketing: ServiceNow, Jira
- Familiarity with SIEM tools and log analysis
- Cloud platforms: Basic AWS/Azure console navigation, understanding of cloud service types (IaaS, PaaS, SaaS)
- Basic understanding of containerization concepts (Docker, Kubernetes fundamentals)
- Strong attention to detail and documentation skills
- GenAI tools: ChatGPT or similar for threat research assistance, automated report summarization
- Foundational security certifications (e.g., Security+, Network+, CySA+, GSOC) or pursuing certification
We have a global team of amazing individuals working on highly innovative enterprise projects & products. Our customer base includes Fortune 100 retail and CPG companies, leading store chains, fast growth fintech, and multiple Silicon Valley startups. What makes Confiz stand out is our focus on processes and culture. Confiz is ISO 9001:2015 (QMS), ISO 27001:2022 (ISMS), ISO 20000-1:2018 (ITSM) and ISO 14001:2015 (EMS) Certified. We have a vibrant culture of learning via collaboration and making workplace fun.
People who work with us work with cutting-edge technologies while contributing success to the company as well as to themselves.
To know more about Confiz, visit: https://www.linkedin.com/company/confiz/