Who We Are
We are a group of dedicated and diverse individuals with a singular purpose – to fight for the future.
At CyVig, our team members are driven, versatile, and committed to expanding their knowledge. We come from different backgrounds and share a passion for cyber security and state-of-the-art technologies. We're looking for motivated individuals who want to collaborate to create the most resilient security solutions there are.
Join us on our mission to outmaneuver the adversary.
What You’ll Do
- Act as the primary point of escalation for Cyber Security technicians.
- Perform regular reviews of alert tickets handled by junior analysts and provide mentorship.
- Develop and apply advanced analysis techniques and response playbooks to improve the team's responsiveness and effectiveness as a whole.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Perform endpoint security monitoring, security event triage, and incident response to detect and respond to advanced threats.
- Identify potential gaps and offer solutions covering internal team needs, product improvements, and client security posture.
- Coordinate with other team members and management to investigate, document, and report incidents.
- Participate in a rotating SOC shift and manage your schedule accordingly to ensure there is coverage during SOC shifts.
- Work with security engineering teams to validate detection effectiveness and identify detection improvements.
- Maintain records of security events investigated and incident response activities, using case management and ticketing systems.
- Perform regular reviews of alert tickets handled by peer analysts.
- Monitor and analyze EDR and Security Information and Event Management (SIEM) data to identify security issues for remediation.
- Provide recommendations for, and create, modify, and update, EDR and SIEM tool rules.
- Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets.
- Take on Security Operations responsibilities when not on a SOC shift: this includes but is not limited to documentation, basic malware analysis, exceptions tracking, security tool management, tuning, and configuration, along with metrics and reporting.
- Support ongoing projects by assisting in the automation, implementation, testing and documentation of security related projects.
- Interact with customers by phone, chat, or trouble ticket on their security or reporting needs to provide an exceptional customer experience every day.
- Stay up to date on information technology & security news, trends, and standards.
- Participate in training and continuing education to enhance information security knowledge and skill set.
- This position is part of a team that operates on a 24x7x365 schedule, and the employee must be willing to work on the schedule needed by the business.
- This is an onsite role, based in Scottsdale, Arizona.
- Other duties as identified or assigned.
What You Will Need
- Must have technical troubleshooting and problem-solving skills.
- 3+ years' experience using cyber security methodologies to triage and identify security issues.
- 3+ years' experience in a security analyst role or working in a Security Operations Center (SOC)
- Advanced experience in systems administration of Windows- and Linux-based operating systems.
- Experience with cloud platforms such as AWS, Azure, or Google Cloud.
- Working knowledge of Palo Alto products, the LogRhythm SIEM solution, or similar technologies.
- Understanding of firewalls, proxies, SIEM, antivirus, penetration testing, vulnerability scans and IDS/IPS concepts.
- Basic scripting skills or experience with Unix/Linux shell scripts, Python, Go, PowerShell, C++, C#, or Perl.
- Ability to identify vulnerabilities and determine how to remediate or mitigate them.
- Understanding of patch management, risks, and business impact.
- Ability to learn and communicate technical information to non-technical people.
- Must have excellent written & oral communication skills, and strong interpersonal skills.
- Regulatory knowledge (e.g., NIST, CMMC, GDPR, ISO27K, SSAE16, HIPAA, PCI, FISMA).
- Bachelor's degree in computer science or a related field, or equivalent experience.
- An information security industry certification such as Security+, CEH, or another related certification is strongly preferred.
Who You’ll Report To
Director of Security Operations
CyVig is an Equal Opportunity Employer. We are dedicated to equal employment opportunity regardless of race, color, ancestry, religion, sexual orientation, national origin, sex, age, marital status, citizenship, disability, Veteran status, or gender identity, and do not tolerate harassment of any kind. CyVig celebrates diversity and we're committed to providing an inclusive environment for all.