What will the Lead Cybersecurity Analyst do?
Coterie’s Security team is hiring a Lead Cybersecurity Analyst (100% Remote!) to lead the organization’s incident response program. This role will be responsible for owning day-to-day security operations, threat detection, and incident response. You will manage and optimize core security tools and build automations to enhance overall operational efficiency. This role works closely with others across the broader security organization. If you are passionate about enabling the business to operate in a secure manner, enjoy wearing different “hats” and working in a fast-paced environment, then this role is for you!
As the Lead Cybersecurity Analyst, you'll be able to:
- Perform security monitoring and analysis to detect and investigate security incidents
- Manage and tune our SIEM, including rule/detection creation
- Build out automations to create efficiencies across the security operations function, especially at the triage level.
- Work with internal and external teams to determine the impact caused by detected intrusions, identify how an intrusion occurred, perform root cause analysis, and assist in recovery efforts
- Act as a SME for security operations initiatives that contribute to greater visibility, improved processes, and maximum value from our toolset
- Provide reporting to help management understand current risk levels
- Develop and maintain metrics that matter and communicate those through dashboards and reporting to leadership
- Create and maintain IR playbooks
- Act as incident commander during incidents and lead incident response tabletop exercises
- Review data from various sources and assess cyber intelligence to support in-depth analysis of various threats
- Support compliance and audit requirements related to security operations
- Identify and improve upon process and technology gaps within the incident response program and security posture overall
- Partner with other teams to continue to mature security across the organization
- Take on additional assignments aligned with organizational priorities
- Availability to be on call every other week to address critical alerts
What we are looking for:
- 5+ years in cybersecurity and 3+ years in Azure cloud-native environments
- Advanced understanding of incident response and investigations
- Experience monitoring a SIEM or equivalent, investigating incidents, and utilizing threat intelligence to enhance detections
- Advanced log analysis (KQL)
- Experience analyzing network traffic (packets) and investigating phishing and business email compromise
- Self-motivated, enthusiastic, detail oriented, skilled in intelligent multi-tasking, and adaptable
- Able to evaluate risk and make risk-based recommendations for escalation or de-prioritization of remediation/mitigation efforts.
- Exceptional written and verbal communication
What will make you stand out:
- Microsoft 365 including Office 365 security experience
- Container security experience (Docker, Kubernetes, etc.)
- PowerShell experience
- Security (e.g. CySA+, CISSP, GIAC, etc.) or Cloud Certifications (e.g. Azure, CCSP)
Our interview process:
Our hiring process generally consists of 4 phases. The goal is to provide an opportunity for us to learn more about our candidates while allowing them to get to know us as well!
- Phase 1: Qualified candidates will first meet with a member of our People Operations team for a phone interview. This discussion is a high-level conversation to understand more about your background and interests and for us to share more about Coterie and the position.
- Phase 2: Selected candidates will be invited to meet with our Hiring Manager for a 2nd interview via Teams video. This interview is designed to be more detail-oriented, allows you to learn more about the role, and is expected to be 30 minutes in length.
- Phase 3: Top candidates will be invited to participate in an experiential exercise interview. This will include a project provided in advance along with a 1-hour interview conducted with our hiring manager.
- Phase 4: Final candidates will receive an invite to our final interview series. This series will include 1:1 interviews with additional team members. The final series is roughly 1-2 hours in total.
What's in it for you:
Coterie has excellent benefits for all full-time employees. We offer the following:
- 100% remote
- Health insurance through Aetna (we pay 100% of premiums)
- Dental and vision insurance through Guardian (we pay 100% of premiums)
- Basic life insurance (we pay 100% of premiums)
- Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
- 401K plan (up to 4% match with immediate vest). Must be 21 years of age or older to participate
- Flexible PTO policy offering up to 3 weeks of time off to support onboarding and integration during the first twelve months of employment. After the first year of employment and effective as of the anniversary date, eligibility transitions to up to 4 to 5 weeks of time off annually to recharge and sustain long-term success.
- 12 company-paid holidays each year
- Continuing education annual stipend
- Annual salary estimated between $130,000-$140,000 based on national data. Candidates who meet all the minimum requirements and possess additional relevant experience, as outlined in the job description, may be considered for a salary above the midpoint of the above range. Salary is based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; degrees or certifications, etc.
Work Authorization:
At this time, Coterie Insurance is unable to consider candidates who require current or future visa sponsorship. Applicants must have authorization to work in the United States without the need for sponsorship now or in the future. Falsification of an application, including work authorization status, is immediate grounds for dismissal from consideration.