Security Analyst
Plan A Technologies
Job Summary
Plan A Technologies is seeking a Security Analyst to manage day-to-day security operations during a growth period. The role involves handling increased alert volumes from the Mimecast email gateway and expanded infrastructure. Responsibilities include email security monitoring, alert triage using Splunk, Greymatter, and Palo SASE, access governance support for ThreatLocker, and incident response for manual alerts. Candidates must have at least 3 years of experience in a SOC or Security Operations environment and be able to support standard business hours (9 AM - 5 PM PST).
Must Have
- 3+ years of experience in a SOC or Security Operations environment
- Ability to support standard business hours (9 AM - 5 PM PST)
- Monitor and respond to alerts within Mimecast Email Security Gateway
- Handle SOC and CrowdStrike alerts using Splunk, Greymatter, and Palo SASE
- Support ThreatLocker elevation and installation requests
- Perform manual intervention for alerts not covered by automation
- 2+ years of experience managing Mimecast Email Security Gateway
- Proficiency in CrowdStrike and Splunk for alert monitoring and triage
- Experience with Greymatter, Palo SASE, and ThreatLocker elevation requests
Perks & Benefits
- Generous vacation schedule
- Brand new laptop
- Great colleagues and an upbeat work environment
Job Description
JOB OVERVIEW
Plan A Technologies is looking for a Security Analyst to support day-to-day operations during a period of significant growth. This role is critical for handling the increased alert volume from our recently assumed Mimecast email gateway and our expanded infrastructure.
Please note: you must have at least 3 years of experience in a SOC or Security Operations environment and must be able to support standard business hours (9 AM - 5 PM PST) to be considered for this role.
JOB RESPONSIBILITY
- Email Security: Monitor and respond to alerts within the Mimecast Email Security Gateway.
- Alert Triage: Handle SOC and CrowdStrike alerts using Splunk, Greymatter, and Palo SASE.
- Access Governance: Support ThreatLocker elevation and installation requests as we remove local admin rights from 7,000 devices.
- Incident Response: Perform manual intervention for the 5% of alerts not covered by existing automation.
EXPERIENCE
- 3+ years of experience in a SOC or Security Operations environment.
- Email Gateway Mastery: 2+ years of experience managing Mimecast Email Security Gateway.
- EDR/SIEM Expertise: Proficiency in CrowdStrike and Splunk for alert monitoring and triage.
- Alert Tooling: Experience with Greymatter, Palo SASE, and ThreatLocker elevation requests.
- Automation Familiarity: Ability to work within an environment that is 95% automated, handling the critical 5% of manual triage.
- Availability: Must be able to support standard business hours (9 AM - 5 PM PST).
- Excellent verbal and written English communication skills.
- Excellent organizational, problem-solving, and analytical abilities.
- Outstanding communication and interpersonal skills.
- Initiative and drive to do great things.
ABOUT THE COMPANY/BENEFITS
Plan A Technologies is an American software development and technology advisory firm that brings top-tier engineering talent to clients around the world. Our software engineers tackle custom product development projects, staff augmentation, major integrations and upgrades, and much more. The team is far more hands-on than the giant outsourcing shops, but still big enough to handle major enterprise clients.
Read more about us here: www.PlanAtechnologies.com.
Location: Work From Home 100% of the time, or come in to one of our global offices. Up to you.
Great colleagues and an upbeat work environment: You'll join an excellent team of supportive engineers and project managers who work hard but don't ever compete with each other.
Benefits: Vacation, Brand New Laptop, and More: You’ll get a generous vacation schedule and other goodies.