Senior Cyber Security Analyst (Incident Response) (San Diego) Job at DeepSeas, San Diego, CA

ZnFaTS92VGpCNkJXSFBZamxoRjUwYjFNOWc9PQ==
  • DeepSeas
  • San Diego, CA

Job Description

Senior Cyber Security Analyst (Incident Response)

Department: Security Operations

Employment Type: Full Time

Location: Remote

Reporting To: Cris Hamilton

Description

Position Overview

We are seeking a Senior Security Incident Response Analyst to join our growing Cybersecurity team. The ideal candidate will have extensive hands-on experience in detecting, responding to, and remediating sophisticated cyber threats using industry-leading tools, particularly EDR platforms. This role requires a deep technical background in both offensive and defensive security, forensic analysis, and threat hunting. The successful candidate will serve as a senior technical escalation point for complex incidents and help drive continuous improvement of our incident response capabilities.

Key Responsibilities

  • Lead and conduct advanced investigations into security incidents using EDR, Network traffic analysis, and Forensic tools.
  • Perform root cause analysis and develop mitigation strategies for complex cyber threats, including APTs, malware outbreaks, insider threats, ransomware, encryption, data exfil activities and others.
  • Act as a technical escalation point during major security incidents, providing in-depth knowledge of tools, techniques, and procedures (TTPs) used by threat actors.
  • Conduct deep dive investigations and threat hunting activities to detect and respond to anomalies and early indicators of compromise (IOCs), using EDRs products. (Mostly MS Defender).
  • Perform memory, disk, and log forensics using tools such as Volatility, Autopsy, and Windows/Linux forensic utilities.
  • Develop and refine incident response runbooks, playbooks, and standard operating procedures (SOPs).
  • Contribute with IR Partners by leveraging offensive and threat hunting security knowledge.
  • Assist with post-incident reviews and lessons learned to improve detection and response strategies.
  • Mentor junior IR analysts.
  • Stay current with the threat landscape, emerging attack techniques, and relevant security technologies.

Skills Knowledge and Expertise

  • Experience: Minimum 5+ years in a dedicated Incident Response or Security Operations role, with hands-on investigative experience using advanced EDR solutions (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Carbon Black, etc.).
  • Technical Security Skills:
  • Defensive: Malware analysis, memory forensics, log analysis, endpoint and network triage.
  • Offensive: Understanding of exploitation techniques, red teaming, vulnerability assessment, and attack simulations.
  • Certifications: One or more of the following is required or highly preferred:
  • GIAC GCFA / GCIA / GCIH / GNFA
  • OSCP / OSCE / GPEN
  • Microsoft SC-200 / MS Defender-specific certifications
  • OWASP or web application security certifications
  • Networking and Systems Expertise:
  • Strong understanding of network protocols (TCP/IP, DNS, SMTP, etc.)
  • Proficiency in analyzing packet captures and netflow data (e.g., Wireshark, Zeek)
  • Deep understanding of Windows, Linux, and cloud environments (AWS, Azure)
  • Knowledge of IR Frameworks: NIST 800-61, MITRE ATT&CK, Lockheed Martin Cyber Kill Chain.
  • Scripting and Automation: Python, PowerShell, Bash, or equivalent scripting languages for automating investigation and response tasks.

Why DeepSeas?

At Deep Seas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we arent Deep Seas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are:

  • We are client obsessed.
  • We stand in solidarity with our teammates.
  • We prioritize personal health and well-being.
  • We believe in the power of diversity.
  • We solve hard problems at the speed of cyber.

This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and lets talk!

Information security is everyones responsibility:
  • Understanding and following DeepSeass information security policies and procedures.
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeass information security.
  • Actively participating in DeepSeass efforts to maintain and improve information security.
  • DeepSeas considers this position is as Moderate Risk with a potential to view/access/download restricted/private client/internal data. This information must be treated with Sensitivity and in the most secure manner. HR reserves the right to perform random background/drug Screens to ensure the safety of client/DeepSeas data
#J-18808-Ljbffr

Job Tags

Full time,

Similar Jobs

Paycom Payroll Llc

Data Center Engineer Job at Paycom Payroll Llc

Job Description Primary point of contact for Data Center technologies and related mechanical devices. Participates in projects to design and implement mechanical and electrical improvements to data centers. Develops procedures to outline data center processes, and related...

Canada Post Corp

Facteur rural et suburbain de relève en disponibilité Job at Canada Post Corp

Numro de la demande demploi: 194058 Fonction administrative: Factrices et facteurs ruraux et suburbains Ville principale: Stirling Emplacement(s) supplmentaire(s): Province: Ontario Type demploi: Employ de relve sur appel Statut demploi: ...

Toyota Racing Development USA

Junior IT Administrator (Contract) Job at Toyota Racing Development USA

 ...to join our team. What you will be doing: Provide first-level support for IT-related issues across the organization Set up...  ...team Bonus if you have: CompTIA A+, Network+, or similar entry-level certifications Experience with Google Workspace or... 

Relativity

Advanced Security Engineer - Cyber Security (Washington) Job at Relativity

 ...Advanced Security Engineer - Cyber Security Join to apply for the Advanced Security Engineer - Cyber Security role at Relativity Advanced...  ...toolsets and next generation capabilities. Posting Type Remote Job Overview As an Advanced Cyber Security Engineer,... 

Achieve Test Prep

Virtual Assistant - Remote Job at Achieve Test Prep

 ...Overview:** Are you looking for a flexible, remote opportunity to grow your career and contribute to a dynamic team? Were hiring Virtual Assistants to handle daily administrative tasks. Whether youre just starting out or bring years of experience, we want to hear from you...