Triage Security Analyst
Arctic Wolf
Position Overview and Objective
First-level Security Operations Center role, supporting our security services around the world. The ITA is an internal triage analyst who assesses inbound security data and communications, dealing with straightforward tasks and escalating to our Security Engineers as needed. This role also leverages network troubleshooting skills to assist customers in finding resolutions to their technical issues.
Primary Responsibilities and Duties
- Leverage IT infrastructure and networking knowledge and skills to independently identify security incidents. Seek assistance from peers if required.
- Review customer alerting configurations to ensure that the system is operating effectively. Independently change or customize suppressions based on identified customer needs.
- Resolve any issues by leveraging own knowledge and/or documented procedures and playbooks.
- Investigate end-point agent installation and operational issues.
- Troubleshoot and resolve operational health of sensors and scanners in customer environments. Resolve cloud sensor configuration and communication issues.
- Triage customer requests, apply playbook-driven solutions, and initiate potential incident investigations through assignment to security engineers. Provide recommendations to improve procedures and processes based on knowledge and experiences with autonomy. Revise playbook solutions as needed based on findings. Independently interpret and diagnose complex issues in order to identify solutions.
- Interact with a variety of different people and personalities with effective dispatch of both security and communication triage events to the correct persons in a timely manner.
- Understand the processes and systems Arctic Wolf uses in order to adequately handle customer requests. Continuously drive to learn new aspects of the security business.
- Identify opportunities to improve runbooks required to aid in expanding the knowledge of the team.
- Mentor new Triage team members as needed on process or to resolve issues using own knowledge.
You will be required to attend trainings, seminars, or webinars relevant to the job role to enhance current knowledge base and skill set in order to improve job performance and efficiency.
Key Skills
- Security basics
- Malware knowledge
- Network Routing and Switching knowledge
- Virtual environment experience with VMware or Hyper-V
- Firewalls and IDS/IPS
- Linux, Windows, Mac operating systems
- Windows and Active Directory
- Cloud technologies including AWS, Azure
- MCSE or Active Directory MCP certificates an asset
Minimum Qualifications
Currently enrolled in (or recently completed) a BSc degree in Computer Science or College program in a Cybersecurity discipline OR 2 years in the IT industry.
Demonstrated passion in networking or cybersecurity.
Customer-facing experience in any fashion.
Environment and Physical Demands
Work is primarily sedentary in nature and can be executed in sitting or standing positions in an office environment.
Requires ability to utilize technology related to using a keyboard, verbal communication, and work with device screens which require visual acuity.
If located in a company office, often requires the mobility to physically navigate the space.
In the event of business travel, mobility sufficient to utilize public and private transport and navigate to essential locations.
May include moving or lifting of 25 pounds or less (e.g., office chair, reams of paper).
Security Requirements
Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes, and controls to protect the confidentiality, integrity, and availability of AWN business information.
Each successful candidate will be required to pass a criminal background check and an employment verification as a condition of employment.