Associate Detection and Response Analyst (Associate SOC Analyst)

You know that NOP sleds don’t go down snowbanks, and that IR isn’t just on the electromagnetic spectrum. In fact, you’ve owned a few boxes with Metasploit, maybe even tinkered with exploit code. You were really excited the first time you got a reverse shell. Meterpreter might be your payload of choice, maybe even Beacon. You have a lab where you’re spending less time in a Command shell, and more time in PowerShell. You love to solve problems, you’re curious to a fault, and obsessed with learning.

Or maybe you’ve focused just on defense. You remind anyone that will listen to you to update and patch. You understand TCP/IP, know how to analyze pcap files and write detections to defend networks (labs count!). You know ways malware can survive a reboot and how to gather evidence that can prove a file previously executed. You’re constantly reading articles and asking yourself, “how would I detect this?”

Do you dig the breadth and diversity that is the threat landscape? Are you motivated by curiosity to pursue investigative leads and even hunt for attacker activity? Have you gotten a handle on the basics of security analysis and are itching to wield your powers in live environments?

Well then, we'd love to speak with you. Serving as a Security Analyst at Expel may be just what you're looking for. Not only will you help our customers stay safe, you'll learn how to think like an attacker, respond to real attacks, and be encouraged to innovate and solve problems. Surrounded by seasoned analysts, you'll have no shortage of mentors eager to help you master the art.

What Expel Can Do For You

• Get you out of the lab and into real networks with real evil
• Give you an opportunity to learn from seasoned security analysts and incident responders every single day
• Ensure your voice is heard & tied directly to our business direction
• Provide an entertaining small and highly transparent startup environment
• Challenge you to push the bounds of our security vision

What You Can Do For Expel (With the help of training, of course)

• Direct your real passion for information security at protecting our customers
• Participate in our 24x7 shift rotation: x hours, y days, something. If nights are more your thing, please let us know!
• Be perpetually dissatisfied with the state of affairs, then help us get better
• Help us meaningfully impact the security of our customers' organizations
• Once we bring you up to speed, constantly experiment to find new ways of catching bad guys

What You Should Bring With You

• A bachelor's degree in a technical field or a compelling story
• Flexibility and an openness to new challenges because, hey, startup life
• An inquisitive mind and a noble spirit
• A keen sense of humor
• A fundamental understanding of TCP/IP and core application layer protocols
• Fluency with Windows operating systems and command line tools
• Familiarity with cloud applications (O365, Okta, etc) and cloud infrastructure (AWS, GCP, Azure)
• Experience with tools used for forensic acquisition and analysis
• Familiarity with the attack lifecycle (or kill chain, if you prefer)
• If you've got offensive security and/or scripting skills, that's a plus

Additional notes

The base salary range for this role is between $85,000 USD and $90,000 USD + 20% bonus (paid out quarterly) & equity.

We believe in paying transparently and equitably. Your salary will ultimately be based on factors such as your experience, skills, team equity, and market data. You’ll also be eligible for unlimited PTO (which we model and encourage), work location flexibility, up to 24 weeks of parental leave, and really excellent health benefits.

We’re only hiring those authorized to work in the United States. We do not currently sponsor immigration visas.

We’re an Equal Opportunity Employer: You’ll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

We’ll ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please let us know if you need accommodation of any kind.

#LI-Remote