
CylanceGUARD Sr Analyst - 3rd Shift
Irvine, CA



Job Description


The focus of the CylanceGUARD Analyst Level 2 is to perform proactive threat hunting to identify system compromises. You will participate in several areas of the Security Operations and Incident Response process; these activities will primarily include endpoint digital forensics, threat hunting use case development, security control testing, product detection rule creation, hunt plan development, and product enhancement feedback or development. The Analyst will use data analysis, threat intelligence, and cutting-edge security technologies to perform their threat hunting activities.

Working within the CylanceGUARD team, the Analyst is responsible for reviewing Cylance product alerts to detect advanced threats that evade traditional security solutions, as well as for creating new detection capabilities that allow proactive detection of system compromises. The Analyst will ensure that new environments are identified and understood to enable accurate and actionable reporting for other CylanceGUARD tiers. Analysts will also participate in developing processes, procedures, training, etc. for new technologies. The candidate must have a curious, investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.


* Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
* 3rd Shift: 12 midnight to 9am
* Keep up to date on the latest intelligence on threat actor TTPs/IOCs by reading blogs and performing research in a lab, while also coordinating with Threat Research Teams to develop countermeasures
* Conduct forensic analysis, primarily of endpoints, as well as of events from a variety of Cylance endpoint products
* Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools
* Compile detailed investigation and analysis reports for internal threat research consumption and delivery to customers
* Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
* Develop advanced queries and alerts to detect adversary actions


* 3+ years of experience in Information Security (Required)
* 2+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Required)
* Experience with packet analysis and usage of deep packet inspection toolsets.
* Deep understanding of the forensic artifacts within one or more of the following: Windows, Mac, and/or Linux (Required)
* Knowledge of and experience working with the Cyber Kill Chain Model, Diamond Model, or MITRE ATT&CK Matrix (Required)
* Familiarity with Cylance Endpoint Protection Products (Desired)
* Prior experience working in one of the following areas: (Desired)
* Computer Incident Response Team (CIRT)
* Computer Security Incident Response Center (CSIRC)
* Security Operations Center (SOC)
* Experience with APT/crimeware ecosystems (Desired)
* Programming/scripting with Python, VB, PowerShell, and/or Go (Desired)
* Familiarity with ELK: building searches, dashboards, and Logstash filters (Desired)
* Red/Pentesting Team experience (Desired)


* Bachelor's degree in Computer Science, Engineering, or a related field
* Certifications such as OSCP, GPEN, GCFA, GCFE, GREM, GCNA, GCIH, or GCIA


* Current resume
* Cover letter/summary expressing:
* Why you are interested in working at BlackBerry Cylance
* The skills, strengths and expertise you will contribute to our diverse team of extraordinary talent and humble hearts
