Detection Tuning & Optimization Analyst, COE
Job Summary
Job Description
Critical Start is looking for a Detection Tuning & Optimization Analyst with 2+ years of experience in security analyst roles. You'll monitor security tools, analyze alerts, optimize detection accuracy, and collaborate with teams to ensure customer security. Must have skills include SIEM tools, EDR & EPP solutions, network and system security, and incident response.
Must have:
- SIEM tools
- EDR & EPP
- Security Analyst
- Incident Response
Good to have:
- CompTIA Security+
- Certified Ethical
- Hacker (CEH)
- Alert Optimization
Perks:
- Flexible PTO
- Hybrid Work
5 skills required
Job Details
About the job
Who We Are
Want to be part of a company that empowers you to innovate and implement your powerful ideas as you help shape the future of cybersecurity? Since 2012, CRITICALSTART has assisted in safeguarding numerous businesses from cyberattacks, preparing them for upcoming threats, and earning a plethora of awards along the way.
We thrive on innovation, devoid of bureaucracy. CRITICALSTART pioneered the first MOBILESOC app for on-the-go threat detection and response, devised a method to automatically resolve the majority of security alerts, and introduced services that reduce alert investigation time by 99.3% (our analysts truly appreciate us for that).
If you'd prefer to hear from our Critical Crew, watch this video to learn about their perspectives. Look at our Glassdoor reviews for another internal viewpoint ( Pssst ...want to grab our attention when you submit your resume ? Include something about our Glassdoor reviews that resonated with you ) .
What can we offer you ?
We are seeking a Detection Tuning & Optimization Analyst to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. As an Analyst at Critical Start, your role is of utmost importance in the realm of identifying and responding to security alerts. You actively partake in configuring playbooks and event orchestration technologies. With your extensive knowledge of incident detection and response, you significantly contribute to reducing, resolving, and orchestrating events across numerous endpoints and SIEM (Security Information and Event Management) security products.
On a day-to-day basis, you'll be responsible for reviewing and delving into alerts generated by security tools, distinguishing between true and false positives, and taking actions to address these detections. Collaboration is key as you'll work closely with teams ranging from the Security Operations Center, engineeering, Security Engineering, and Implementations/Onboarding to guarantee the customer is in an ideal state before they progress.
What You Will Be Doing?
Required Qualifications:
Imagine a dynamic, enjoyable, and rewarding work environment. We are professionals, and the work we do holds immense significance, like saving our customers from potential disasters. However, we believe in not taking ourselves too seriously.
Prefer a casual dress code every day? No problem, as we find comfort enhances our thinking.
What does our Compensation and Benefits package entail?
This policy encompasses all aspects of employment, including recruitment, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Mental And Physical Requirements
It's important to note that specific physical and mental requirements may vary depending on the nature of the office job, organization, and individual responsibilities.
Physical:
Interested candidates are invited to visit our career site and apply for the position: https://www.criticalstart.com/careers/
Want to be part of a company that empowers you to innovate and implement your powerful ideas as you help shape the future of cybersecurity? Since 2012, CRITICALSTART has assisted in safeguarding numerous businesses from cyberattacks, preparing them for upcoming threats, and earning a plethora of awards along the way.
We thrive on innovation, devoid of bureaucracy. CRITICALSTART pioneered the first MOBILESOC app for on-the-go threat detection and response, devised a method to automatically resolve the majority of security alerts, and introduced services that reduce alert investigation time by 99.3% (our analysts truly appreciate us for that).
If you'd prefer to hear from our Critical Crew, watch this video to learn about their perspectives. Look at our Glassdoor reviews for another internal viewpoint ( Pssst ...want to grab our attention when you submit your resume ? Include something about our Glassdoor reviews that resonated with you ) .
What can we offer you ?
- Daily opportunities to make a difference. Whether it's protecting our customers from attacks and breaches or contributing to the greater good.
- An a bundance of intelligent, talented, high-performing individuals to collaborate with. We value accountability, support each other's growth, and genuinely enjoy what we do.
- An approach of continuous improvement to revolutionize our industry and surpass mediocrity. While many cybersecurity companies hire competent individuals, we believe in striving for excellence. Don't you believe you're capable of more than just being good?
- Constant learning, unlocking innovative ideas, and a nurturing, cooperative environment.
- Extensive industry recognition. We receive so much acclaim that it's nearly overwhelming . Almost.
- Our teammate put it best: "Every day presents new challenges and ample opportunities for professional growth... Your contributions directly impact the company's overarching purpose, and the sense of belonging and culture are unparalleled.
We are seeking a Detection Tuning & Optimization Analyst to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. As an Analyst at Critical Start, your role is of utmost importance in the realm of identifying and responding to security alerts. You actively partake in configuring playbooks and event orchestration technologies. With your extensive knowledge of incident detection and response, you significantly contribute to reducing, resolving, and orchestrating events across numerous endpoints and SIEM (Security Information and Event Management) security products.
On a day-to-day basis, you'll be responsible for reviewing and delving into alerts generated by security tools, distinguishing between true and false positives, and taking actions to address these detections. Collaboration is key as you'll work closely with teams ranging from the Security Operations Center, engineeering, Security Engineering, and Implementations/Onboarding to guarantee the customer is in an ideal state before they progress.
What You Will Be Doing?
- Incident Detection and Analysis:
- Continuously monitor events generated by our array of security products to proactively identify potential incidents.
- Perform a thorough analysis and investigation of security alerts and escalate to RSOC as needed for official investigation and response .
- Tuning and Alert Optimization:
- Conduct regular reviews of alerts to identify false positives and opportunities for reduction
- Analyze alert patterns and trends to optimize detection accuracy and efficiency
- Collaborate cross-functionally with automation and detection teams to implement necessary improvements
- Develop and maintain standardized orchestration processes for alert management
- Escalate potential false positives to relevant stakeholders, providing detailed analysis for informed decision-making
- Continuously refine alert criteria and thresholds to minimize noise while ensuring critical issues are captured
- Document and track alert optimization efforts, including rationale for changes and impact on system performance
- Reporting and Documentation:
- Adhere to existing internal documentation and processes, ensuring consistency in work output.
- Identify gaps or outdated information in documentation and proactively update as needed.
- Create new documentation for undocumented processes, maintaining quality standards.
- Continuously improve documentation to enhance team efficiency and knowledge sharing.
Required Qualifications:
- 2 years of experience in a relevant security analyst role and the ability to successfully complete a new analyst training program.
- Proficiency in written communication and a strong grasp of technical concepts.
- Exceptional verbal communication skills and the ability to effectively communicate across different teams.
- A solid understanding of SIEM tools, along with hands-on experience with EDR (Endpoint Detection & Response) and EPP (Endpoint Protection Platforms) solutions.
- Competency in network and system security, threat detection, and incident response.
- Outstanding problem-solving, critical thinking, and analytical abilities.
- Capacity to work effectively under pressure in a fast-paced and ever-changing environment.
- Possession of relevant certifications like CompTIA Security+ or Certified Ethical Hacker (CEH) is advantageous.
Imagine a dynamic, enjoyable, and rewarding work environment. We are professionals, and the work we do holds immense significance, like saving our customers from potential disasters. However, we believe in not taking ourselves too seriously.
Prefer a casual dress code every day? No problem, as we find comfort enhances our thinking.
What does our Compensation and Benefits package entail?
- Competitive salary with bonus potential
- Flexible PTO (Paid Time Off) policy
- Depending on the role, you may work in the office, remotely, or adopt a hybrid work model.
- And a new Tesla... just kidding! Kudos for making it to the end.
This policy encompasses all aspects of employment, including recruitment, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Mental And Physical Requirements
It's important to note that specific physical and mental requirements may vary depending on the nature of the office job, organization, and individual responsibilities.
Physical:
- Stationary position for extended periods of time.
- Constantly operate a computer.
- Occasionally you may be required to move equipment or other items up to 20 lbs.
- The ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these situations.
- Must be able to apply established protocols in a timely manner.
- Make timely decisions in the context of workflow.
- Ability to complete tasks and perform in situations requiring speed deadlines, or productivity quota.
- Ability to work effectively and efficiently in high stress situations.
- Ability to simultaneously address multiple complex problems.
Interested candidates are invited to visit our career site and apply for the position: https://www.criticalstart.com/careers/
Similar Jobs
Barracuda Networks Inc
Bengaluru, Karnataka, India (Hybrid)
• 3 Months ago
PwC
Zürich, Zurich, Switzerland (On-Site)
• 4 Months ago
PwC
Mumbai, Maharashtra, India (On-Site)
• 4 Months ago
Canva
Brisbane, Queensland, Australia (Remote)
• 3 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Greenway Health
Bengaluru, Karnataka, India (On-Site)
• 3 Months ago
InMobiInMobi
Bengaluru, Karnataka, India (On-Site)
• 2 Months ago
Barracuda Networks Inc
Bengaluru, Karnataka, India (On-Site)
• 4 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Pune, Maharashtra, India
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
Palo Alto Networks
Brussels, Brussels, Belgium (Remote)
• 3 Months ago
PwC
Singapore (On-Site)
• 4 Months ago
Axinous
San Jose, California, United States (Hybrid)
• 3 Months ago
Netflix
United States (Remote)
• 1 Month ago
PwC
Kolkata, West Bengal, India (On-Site)
• 4 Months ago
PwC
Bengaluru, Karnataka, India (On-Site)
• 4 Months ago
Palo Alto Networks
Bengaluru, Karnataka, India (On-Site)
• 3 Months ago
Get notifed when new similar jobs are uploaded
