Security Operations (SOC) Analyst 2

  • Full-time
  • Department: Security

Company Description

At Anitian we believe security can be a force for good. As such, we are on a mission to make security and compliance easy for all. We harness the power and scale of the cloud to empower developers with automated, accelerated, autonomous, and accommodating security technologies.

Anitian is a place where smart people get to be smart. When you join our team, you will enjoy a workplace of creative problem solvers who cherish intelligence, compassion, and boldness. You will also enjoy the immediate respect of industry peers, as Anitian is recognized as a thought leader in information security.

Job Description

Anitian has immediate openings to work on our Security Operations team. This is an elite team of security analysts who do not merely monitor for attacks and malware; they actively and aggressively hunt for evidence of compromise within our clients' environments. As a Security Operations Analyst, you will be part of a revolution in managed security. You will work with brilliant people to spot, track, and eradicate hackers and malware. You will also be in on the ground floor of building a next-generation Security Operations Center (SOC).

SOC Analysts fulfill tier-2 cybersecurity operations and managed detection and response duties. This includes performing threat hunting and data analysis and hunt reporting, as well as the operation and routine maintenance of client security platforms. You will apply your previous security analysis background by deeply analyzing data from varied sources in a correlation platform such as a SIEM. These sources include cloud, endpoint protection, and vulnerability management platforms. You will also respond to client communications in accordance with SLAs.

This is a night shift position consisting of 12-hour shifts, alternating 3 and 4 nights each week (allowing for alternating 4 and 3 days off each week). Security Operations Analysts who work the night shift are paid a shift differential in addition to their salary.

Duties

Managed Detection and Response - 70%

Effectively perform managed detection and response for clients, entailing:

  • Hunt client data sources such as:
    • SIEM
    • Next Generation Firewalls
    • Endpoint Protection platforms
    • Vulnerability management and scanners
    • Windows and Linux server logs
    • Application server logs
    • Identity management platforms
    • Cloud service platforms
    • File Integrity Monitoring
    • OSINT
  • Research and implement threat intelligence information from numerous varied, disparate, constantly changing sources
  • Operate SIEM and other data analysis platforms
  • Report on threat and vulnerability data using risk-evaluation methodologies

Security Operations - 30%

Effectively perform security operations duties such as:

  • Provide tier-2 support and maintenance of client security infrastructure including SIEM, endpoint antivirus, vulnerability management, and Windows and Linux systems
  • Communicate client status to both technical and non-technical people
  • Use a Service Desk ticketing system
  • Collaborate with other tiers of support

Qualifications

REQUIRED

  • Minimum of 2 years in a hands-on IT role that includes system, network, and security administration
  • Two years of security analysis
  • Strong written communication skills
  • Familiarity with network, system, and security administration, including:
    • Fundamental Windows and Linux administration
    • Next Generation firewall
    • Intrusion Detection/Prevention systems
    • Vulnerability management platforms
    • Enterprise endpoint protection
    • DNS and fundamental TCP/IP protocols
    • Cloud service platforms
    • Web and application servers
  • Use of SIEM including creating and modifying queries, alerts, and visualizations
  • Deep familiarity with vulnerability scanning and reporting
  • Awareness of compliance frameworks such as PCI, HIPAA, or FedRAMP
  • Familiarity with security and administration of cloud platforms such as AWS, Office 365, and Okta
  • Ability to execute and participate in incident response procedures
  • Familiarity with data analysis
  • Familiarity with OSINT techniques
  • Understand and explain threat intelligence models and data

DESIRABLE

  • 2+ years of experience working in cloud environments, preferably AWS
  • 1-2 years of experience with Splunk SIEM
  • 1-2 years of experience managing NGFWs, preferably Fortinet or Palo Alto Networks
  • 1-2 years of experience with endpoint security, such as Symantec or McAfee
  • 1-2 years of experience with vulnerability scanners, preferably Nessus
  • Understanding of incident response procedures and practices
  • Experience with security automation technologies, such as Phantom
  • Formal incident response training or certification, such as SANS

Additional Information

  • This position is based in Portland, OR. Remote work may be considered.
  • Relocation reimbursement is not available for this position.
  • Competitive compensation package
  • Four weeks of PTO per year
  • Nine paid holidays
  • Generous benefit package includes 100% paid health care premium and vision for the employee and dental benefits
  • 401(k) retirement plan, up to 4% matching after a year, and profit sharing
  • Educational / professional development reimbursement program
  • Candidates must pass a criminal background check, reference check, and drug test before being hired.
  • Sponsorship for work visas is not available for this position.
  • Recruiters, do not contact us about this job.